[Openswan Users] ipsec %hold
Paul Wouters
paul at xelerance.com
Sun Feb 12 03:41:43 CET 2006
On Fri, 10 Feb 2006, Andrew Rice wrote:
> ok I have a question...what does %hold mean when you pull an ipsec eroute?
A security policy exists for the remote end, but the security association is
not up, so packets cannot be send. In other words, we think the remote end
should be talking IPsec to us, but it isn't, so the hold prevents plaintext
packets from being sent.
Paul
More information about the Users
mailing list