[Openswan Users] ipsec vpn fallback
Paul Wouters
paul at xelerance.com
Wed Jun 1 17:25:56 CEST 2005
On Wed, 1 Jun 2005, Ming-Ching Tiew wrote:
> I am using kernel 2.4.29 and openswan 2.3.1, the 'ipsec.conf' I have
> included below. I could bring up ipsec on link1 ( ipsec0 ) this
> way :-
>
> ipsec auto --up link1
>
> This is all fine and proper, however, when the link1 fails, I
> bring down ipsec on link1 and bring up ipsec1 on link2,
>
> ipsec auto --down link1
> ipsec auto --up link2
>
> The second command fail to properly establish the IKE negotiation,
> it seems to do with some routing issue. If I rework the ipsec.conf,
> changing interfaces="ipsec0=eth2 ipsec1=eth1" and issue commands
>
> ipsec setup restart
> ipsec auto --up link2
That should not be neccessary. What are the exact IKE errors you see?
Paul
More information about the Users
mailing list