[Openswan Users] How to add new interface to running openswan

Alexander Samad alex at samad.com.au
Mon May 23 12:24:43 CEST 2005


Thanks I will give that a go
save me having to stop and restart ipsec

> On Mon, 23 May 2005, Alexander Samad wrote:
>
>> Is there any way to re attached this interface without having to re
>> start open swan so that I can use it ?
>
> If your interface appears with the same IP address, yes. I personally use:
>
> # default route moves from ppp to ipsec device because I use extrusion
> echo "fixing default route for ipsec fixup"
> route del default
> route add default gw yourgateway dev ppp0
> # if openswan runs, re-attach
> if [ -f /var/run/pluto.pid ]
> then
>          echo "IPsec is running, fixing ipsec over ppp"
>          echo "Detaching ipsec0 from previous ppp0 device"
>          ipsec tncfg --detach --virtual ipsec0 > /dev/null 2> /dev/null
>          echo "Attaching ipsec0 to new ppp0"
>          ipsec tncfg --attach --virtual ipsec0 --physical ppp0
> fi
>
>> it seem like when the pppoe goes through a dhcp cycle i can no longer
>> send out that interface
>
> If your IP address has changed, and you used something like
>  	left=%defaultroute
> then you might get away with the above, plus:
>  	ipsec whack --listen
>  	ipsec --replace connname
>  	ipsec --up connname
>
> Paul
>
>




More information about the Users mailing list