[Users] RE: i Did try what u suggested and here is the output i got ..

From: Nayar, Deep (deep.nayar_at_terayon.com)
Date: Thu Aug 08 2002 - 23:32:37 CEST

• Next message: Jordan Share: "RE: [Users] Ping ok, net use fails"
• Previous message: Mat Harrison: "Re: [Users] Assistance Please"
• Next in thread: Stephen J. Bevan: "[Users] RE: i Did try what u suggested and here is the output i got .."
• Reply: Stephen J. Bevan: "[Users] RE: i Did try what u suggested and here is the output i got .."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi ,

eth0: 10.1.3.120
ipsec0: attached to eth0

1) If i detach ipsec before bringing down the interface!!!

$ ipsec tncfg detach --virtual ipsec0
$ ifdown eth0
..change eth0 address to 10.1.4.120
$ ifup eth0
$ ipsec tncfg attach --virtual ipsec0 --physical eth0

When I added a new connection and tried 'ipsec auto --route newconn', I got:
003 route-host command exited with status 7
025 could not route

With ifconfig, I saw the ip address of ipsec0 not updated, still 10.1.3.120

2) If i first bring down the interface.

$ ifdown eth0
change ip
$ ifup etho

The do a detach and an attach as suggested:
$ ipsec tncfg --detatch --virtual ipsec0
$ ipsec tncfg --attach --virtual ipsec0 --physical eth0

The first command gives me this error.
/usr/local/lib/ipsec/tncfg: Socket ipctl failed on detach --No such device.
Is the virtual device valid? The ipsec module may not be linked into the
kernel or loaded as a module.

ifconfig still shows ipsec0 bound to 10.1.3.120 but
ipsec look doesn'e give anything for ipsec0.

Regards,
Deep

-----Original Message-----
From: Stephen J. Bevan [mailto:stephen_at_dino.dnsalias.com]
Sent: Thursday, August 08, 2002 11:20 AM
To: Nayar, Deep
Cc: 'linux-ipsec_at_freeswan.org'
Subject: [Users] What happens if the physical interface IP address is
changed ...a nd an IPSEC logical ipsec0 is bound to it ..

Nayar, Deep writes:
> Now what is see is that the ipsec0 is still attached to interface
> 10.1.2.4(previous)
> and while i try to bind it to the new interface (using ipsec tncfg)
command
> , it gives me an error telling me that ispec0 is already bound.

Did you try detatching it first i.e. when eth0 comes back up (with a
new address) do :-

 $ ipsec tncfg --detatch --virtual ipsec0
 $ ipsec tncfg --attach --virtual ipsec0 --physical eth0
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Jordan Share: "RE: [Users] Ping ok, net use fails"
• Previous message: Mat Harrison: "Re: [Users] Assistance Please"
• Next in thread: Stephen J. Bevan: "[Users] RE: i Did try what u suggested and here is the output i got .."
• Reply: Stephen J. Bevan: "[Users] RE: i Did try what u suggested and here is the output i got .."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Aug 09 2002 - 02:19:39 CEST