[Openswan Users] How to add new interface to running openswan
Paul Wouters
paul at xelerance.com
Mon May 23 12:43:35 CEST 2005
On Mon, 23 May 2005, Alexander Samad wrote:
> tried but to no avail, I don't have a ipsec0. running 2.6.11
Then the tuncfg command is not needed. Using the ipsec whack --listen
and ipsec auto --replace and --up the connection should then work though.
Paul
> I looked thorugh my logs and found that it loads interface eth0/eth0,
> tried that to no avail
>
> A
>
> On Mon, May 23, 2005 at 12:56:10AM +0200, Paul Wouters wrote:
>> On Mon, 23 May 2005, Alexander Samad wrote:
>>
>>> Is there any way to re attached this interface without having to re
>>> start open swan so that I can use it ?
>>
>> If your interface appears with the same IP address, yes. I personally use:
>>
>> # default route moves from ppp to ipsec device because I use extrusion
>> echo "fixing default route for ipsec fixup"
>> route del default
>> route add default gw yourgateway dev ppp0
>> # if openswan runs, re-attach
>> if [ -f /var/run/pluto.pid ]
>> then
>> echo "IPsec is running, fixing ipsec over ppp"
>> echo "Detaching ipsec0 from previous ppp0 device"
>> ipsec tncfg --detach --virtual ipsec0 > /dev/null 2> /dev/null
>> echo "Attaching ipsec0 to new ppp0"
>> ipsec tncfg --attach --virtual ipsec0 --physical ppp0
>> fi
>>
>>> it seem like when the pppoe goes through a dhcp cycle i can no longer
>>> send out that interface
>>
>> If your IP address has changed, and you used something like
>> left=%defaultroute
>> then you might get away with the above, plus:
>> ipsec whack --listen
>> ipsec --replace connname
>> ipsec --up connname
>>
>> Paul
>>
>
More information about the Users
mailing list