| Age | Commit message (Collapse) | Author |
|---|
|
ipsec.conf file
Commenting out the tunnel and restoring it does not reset the tunnel.
Use the ipsec commands to actually bring it down and back up to properly
reset the tunnel.
|
|
Add a new cli 'reset vpn ipsec-peer <peer-ip> vti'.
|
|
(cherry picked from commit dc6d6a389a1648ebd3240691d76edf7fa523d05d)
|
|
|
|
(cherry picked from commit 32927e013922e1a79b0f214773e2500a1260871a)
|
|
* use `ipsec update` instead of openswan's `ipsec auto`
commands to make 'clear vpn ipsec-peer <> tunnel <>' work
* no `ipsec barf` in strongswan. instead use detailed version
of the command status i.e. `ipsec statusall` for 'show vpn debug detail'
* use strongswan's syntax for `ipsec rereadall` and `ipsec status`
(cherry picked from commit 2c5e47cc7871bc7da84f3a14398b15cf3b1da352)
|
|
added new operational mode commands -
clear vpn ipsec-peer peer <peer> # clear all tunnels for given peer
clear vpn ipsec-peer peer <peer> tunnel <tunnel> # clear specific tunnel
If peer is 0.0.0.0/any/@id then tunnel is brought down and loaded again
but connection is not initiated as remote end could be multiple end-points
The remote ends will bring up the tunnel when they get/detect tunnel down
* don't call script with sudo from templates. use sudo in script where needed
* script clean up
|
|
- fix sloppy script which dies with "Unknown op" on valid ops.
- use vyatta config rather than ipsec.conf to determine if running
|
|
|
|
detail' so that they no longer require sudo password.
|
