[Openswan Users] /etc/init.d/ipsec status : How to know if tunnels created are bidirectional!
satpal parmar
systems.satpal at gmail.com
Tue Jan 31 03:27:43 EST 2012
Thanks for your prompt response Muenz! Please find my response below.
On Tue, Jan 31, 2012 at 1:08 PM, Muenz, Michael <m.muenz at spam-fetish.org> wrote:
> Am 31.01.2012 07:45, schrieb satpal parmar:
>
>> Hi All!
>>
>> I am facing a small problem. I have ipsec running on two Linux boxes.
>> Now I want to connect them through ipsec tunnels. I build a small
>> script for this as you have to type them every time for a connection
>> :
>>
>> #!/bin/sh
>>
>> service ipsec stop
>> service ipsec start
>> ipsec auto --add test
>> ipsec auto --up test
>
>
> Why don't you use auto=start?
How it help when Ipsec is not yet started in other side of
connection.Will it wait ? I tried this but I am getting same
response.
>
>
>>
>> Now I want to know if there is guarantee these two tunnel
>> bidirectional. Is it possible to have two unidirectional tunnel btn
>> two two boxes? What is the correct I interpretation this message from
>> status.
>
>
> With KLIPS you could do a ipsec eroute, grep the tunnel und check the state.
I am not using KLIPS but netkey. State is ok I can see debug logs . I
was looking for more descriptive information on nature of tunnel.
>> Any suggestion on this automation of connection is welcomed
>
>
> If there's no reason against keeping the tunnel always up, I would invest
> the time fixing this problem.
Thanks.
>
> Michael
> _______________________________________________
> Users at lists.openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list