[Openswan Users]

[Paul Wouters]

On Thu, 9 Feb 2006, Chen Lintao wrote:

> Maybe this is one way out . Run individual Pluto on each interface . I will
> try

You must not attempt this. If one pluto would restart it would nuke all the
IPsec SA's the kernel has, because it will not be aware of a second pluto.

If your own ip changes, you will need to somehow restart the connection.
eg script "ipsec auto --replace yourconn ; ipsec auto --up yourconn".

Paul