ISAKMPD reconfiguration on fly

From Igor personal wiki
Jump to: navigation, search

Nice article:

http://undeadly.org/cgi?action=article&sid=20131125041429

Removing SA for tunnel:

let's have a look what is in the SAD in a "raw" manner 

echo S > /var/run/isakmpd.fifo
less /var/run/isakmpd.result

Look for SA name for phase 1 and 2

Remove phase 2 and 1 using these names: 

echo 't quick VPN-IB-BAN-NET' > /var/run/isakmpd.fifo
echo 't main bangalore' > /var/run/isakmpd.fifo

Reread configuration file and update tunnel 

echo 'R' > /var/run/isakmpd.fifo

check running config 

echo 'r' > /var/run/isakmpd.fifo
grep isa /var/log/messages
Retrieved from "http://wiki.it-security.ca/404.html"