[Openswan Users] ipsec %hold

Paul Wouters paul at xelerance.com
Sun Feb 12 03:41:43 CET 2006

Previous message: [Openswan Users] ipsec %hold
Next message: [Openswan Users] unencrypted l2tp packets
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 10 Feb 2006, Andrew Rice wrote:

> ok I have a question...what does %hold mean when you pull an ipsec eroute?

A security policy exists for the remote end, but the security association is
not up, so packets cannot be send. In other words, we think the remote end
should be talking IPsec to us, but it isn't, so the hold prevents plaintext
packets from being sent.

Paul

Previous message: [Openswan Users] ipsec %hold
Next message: [Openswan Users] unencrypted l2tp packets
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list