[Openswan Users] RE : Re: DPD / Multiple SA

[GODARD Jean-Charles]

Hi Paul,
 
 Thanks for the update, then we will wait for the next stable version.

May be we will write some scripts to check the status of the eroutes when traffic does not flow into the tunnels... we will see how we can wait for the update.

If you need some more debugs that can help, just let me know.

Cheers,

Jean-Charles

Paul Wouters <paul at xelerance.com> a écrit : On Tue, 28 Nov 2006, Paul Wouters wrote:

[ DPD ]

> > What i can't understand, is why only one SA on the 5 SAs is brought up back, same for eroute, only one up, others are in hold or trap status...
> >
> > The renegotiation does not fail, it is simply not initiated :/
> >
> > I have seen in a recent post that we can adapt the _updown script to add "ipsec auto --replace conn" and "ipsec auto --up conn" but i did not succeed to find the correct way to achieve this :(
>
> I thought we recently added a fix for this. Perhaps it did not make it in 2.4.7.
> I'll get back to you on this one.
>
> Paul

Just to confirm, this will not be fixed in the 2.4 series. It has been fixed in
the 2.5 series, but the changes were significant enough that we don't want to
backport this to 2.4. We are hoping to switch the "stable" version of openswan
to the 2.5 series soon anyway.

Paul


 		
---------------------------------
 Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions ! Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20061128/1b22e636/attachment.html