[Openswan Users] /etc/init.d/ipsec status : How to know if tunnels created are bidirectional!
systems.satpal at gmail.com
Tue Jan 31 03:27:43 EST 2012
Thanks for your prompt response Muenz! Please find my response below.
On Tue, Jan 31, 2012 at 1:08 PM, Muenz, Michael <m.muenz at spam-fetish.org> wrote:
> Am 31.01.2012 07:45, schrieb satpal parmar:
>> Hi All!
>> I am facing a small problem. I have ipsec running on two Linux boxes.
>> Now I want to connect them through ipsec tunnels. I build a small
>> script for this as you have to type them every time for a connection
>> service ipsec stop
>> service ipsec start
>> ipsec auto --add test
>> ipsec auto --up test
> Why don't you use auto=start?
How it help when Ipsec is not yet started in other side of
connection.Will it wait ? I tried this but I am getting same
>> Now I want to know if there is guarantee these two tunnel
>> bidirectional. Is it possible to have two unidirectional tunnel btn
>> two two boxes? What is the correct I interpretation this message from
> With KLIPS you could do a ipsec eroute, grep the tunnel und check the state.
I am not using KLIPS but netkey. State is ok I can see debug logs . I
was looking for more descriptive information on nature of tunnel.
>> Any suggestion on this automation of connection is welcomed
> If there's no reason against keeping the tunnel always up, I would invest
> the time fixing this problem.
> Users at lists.openswan.org
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
More information about the Users