[Openswan Users] How to add new interface to running openswan
Paul Wouters
paul at xelerance.com
Mon May 23 01:56:10 CEST 2005
On Mon, 23 May 2005, Alexander Samad wrote:
> Is there any way to re attached this interface without having to re
> start open swan so that I can use it ?
If your interface appears with the same IP address, yes. I personally use:
# default route moves from ppp to ipsec device because I use extrusion
echo "fixing default route for ipsec fixup"
route del default
route add default gw yourgateway dev ppp0
# if openswan runs, re-attach
if [ -f /var/run/pluto.pid ]
then
echo "IPsec is running, fixing ipsec over ppp"
echo "Detaching ipsec0 from previous ppp0 device"
ipsec tncfg --detach --virtual ipsec0 > /dev/null 2> /dev/null
echo "Attaching ipsec0 to new ppp0"
ipsec tncfg --attach --virtual ipsec0 --physical ppp0
fi
> it seem like when the pppoe goes through a dhcp cycle i can no longer
> send out that interface
If your IP address has changed, and you used something like
left=%defaultroute
then you might get away with the above, plus:
ipsec whack --listen
ipsec --replace connname
ipsec --up connname
Paul
More information about the Users
mailing list