=?gb2312?B?tPC4tDogW09wZW5zd2FuIFVzZXJzXQ==?=
Chen Lintao
chenlt at icevpn.org
Thu Feb 9 17:17:44 CET 2006
Summary :
1. when ppp interfaces changes, using "ipsec tncfg" to change KLIPS =
mapping=20
2. when ppp pip changes=20
1) using "ipsec whack --listen" refresh listening ip ipaddress
2) script "ipsec auto --replace yourconn ; ipsec auto --up yourconn"
That's clear ??
-----=D3=CA=BC=FE=D4=AD=BC=FE-----
=B7=A2=BC=FE=C8=CB: Paul Wouters [mailto:paul at xelerance.com]=20
=B7=A2=CB=CD=CA=B1=BC=E4: 2006=C4=EA2=D4=C29=C8=D5 14:39
=CA=D5=BC=FE=C8=CB: Chen Lintao
=B3=AD=CB=CD: fs at globalnetit.com; users at openswan.org
=D6=F7=CC=E2: Re: [Openswan Users]
On Thu, 9 Feb 2006, Chen Lintao wrote:
> Maybe this is one way out . Run individual Pluto on each interface . I
will
> try
You must not attempt this. If one pluto would restart it would nuke all =
the
IPsec SA's the kernel has, because it will not be aware of a second =
pluto.
If your own ip changes, you will need to somehow restart the connection.
eg script "ipsec auto --replace yourconn ; ipsec auto --up yourconn".
Paul
More information about the Users
mailing list