Hosting Provided By

Re: Interoperation isakmpd and freeswan

From: Hakan Olsson <ho(at)crt.se>
Date: Fri Feb 28 2003 - 05:24:58 EST

isakmpd expects the other side to send a DELETE notification on shutdown. (for example, if you kill(SIGTERM) isakmpd it will send DELETEs to all peers that it has active tunnels to).

I do not know if FreeS/WAN supports DELETEs, though.

Otherwise, while the old SAs are kept, the kernel should start using the new ones after the (re)negotiation. The old ones will stay around until they expire, but they should not be used anymore. (There has been some work in how the kernel selects SAs, but I do not think this has changed...)

On Fri, 28 Feb 2003, Ralf Hornik wrote:

> Hi all,

--
Håkan Olsson         (+46) 708 437 337     Carlstedt Research
Unix, Networking, Security      (+46) 31 701 4264        & Technology AB

Received on Fri Feb 28 05:26:36 2003

This message: [ Message body ]
Next message: Ralf Hornik: "Re: Interoperation isakmpd and freeswan"
In reply to: Ralf Hornik: "Interoperation isakmpd and freeswan"
In reply to Admins WebSecurity: "ISAKMPD with 2 x DYNDNS - we did it !"
Next in thread: Ralf Hornik: "Re: Interoperation isakmpd and freeswan"
Reply: Ralf Hornik: "Re: Interoperation isakmpd and freeswan"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:48:30 EDT