[Openswan Users] /etc/init.d/ipsec status : How to know if tunnels created are bidirectional!

satpal parmar systems.satpal at gmail.com
Tue Jan 31 01:45:49 EST 2012


Hi All!

I am facing a small problem. I have ipsec running on two Linux boxes.
Now I want to connect them through ipsec tunnels. I built a small
script for this, as you have to type them every time for a
connection:

#!/bin/sh

service ipsec stop
service ipsec start
ipsec auto --add test
ipsec auto --up test

I have this on both sides of my connections. My problem is that when I
run it, I get the following message very often:


root at vnl-desktop:~# ./ipsec_restart.sh
ipsec_setup: Stopping Openswan IPsec...
ipsec_setup: Starting Openswan IPsec U2.6.23/K2.6.32-33-generic...
024 need --listen before --initiate



Many times in a while I get:

root at R3BTS-CP-PFS1.0# /etc/init.d/ipsec status
IPsec running  - pluto pid: 2807
pluto pid 2807
1 tunnels up
some eroutes exist


And in random cases I get:

root at R3BTS-CP-PFS1.0# /etc/init.d/ipsec status
IPsec running  - pluto pid: 2807
pluto pid 2807
2 tunnels up
some eroutes exist

Now I want to know if there is a guarantee that these two tunnels are
bidirectional. Is it possible to have two unidirectional tunnels between
two boxes? What is the correct interpretation of this message from
status?

Any suggestions on this automation of the connection are welcome!

-SP

