[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

isakmpd/vpn robustness

How robust is the OpenBSD IPSec/isakmpd software?

One would think that it should be possible to:

	1. kill `cat /var/run/isakmpd.pid`
	2. ipsecadm flush
	3. /sbin/isakmpd

Is this true or are there some other synchronization issues
that need to be considered?

I ask only because I have found emperically, that the
above method does not always work. In order to re-establish
the VPN tunnel I sometimes have to restart not only the 
peer isakmpd but also the process on the concentrator machine.
(I have a central VPN hub with two peers).

Quist Consulting		Email: russ_(_at_)_quist_(_dot_)_ca
219 Donlea Drive 		Voice: +1.416.696.7600
Toronto ON  M4G 2N1		Cell:  +1.416.803.0080
CANADA				WWW:   http://www.quist.ca