[Openswan dev] terminating an instance roadwarrior

Paul Wouters paul at xelerance.com
Thu Dec 2 23:45:10 EST 2010


On Thu, 2 Dec 2010, Danilo Godec wrote:

> I have multiple road warriors using L2TP over IPSEC. It sometimes
> happens that one (or some) of them get 'stuck' - their Windows VPN
> client seems to disconnect, but my OpenSwan server doesn't (always?)
> detect it.
>
> In such a case the users have to wait for an hour before their
> connections are successful again.

They should be able to reconnect. If not, that is a bug. Be sure to use
a really modern openswan (2.6.30 or better) and xl2tpd 1.2.6 or better.

> I can speed up the process if I manually do 'ipsec auto --down rw-net' -
> however that kicks off all of the users, which is not quite desirable...
>
> Is there a way to 'down' ('reset') just one of the road warrior tunnels?

The cheating way is: ipsec whack --crash ipaddress_of_roadwarrior

I am not sure if there is a way to terminate just an instance of a conn
using ipsec whack --terminate or ipsec auto --down. Perhaps Hugh or
someone on dev@ knows this?

Paul

