IPSEC Changes Require Reboot

Reply to IPSEC Changes Require Reboot on Thu, 28 Sep 2017 21:10:09 GMT

khancock — Thu, 28 Sep 2017 21:10:09 GMT

Nothing special about them, just adding another host or network to the tunnel. I haven't stopped and started the IPSEC service, just used the icon that shows restart service. We'll try that.

This config has been running around 7 years and this behavior started around 2 years ago.

Reply to IPSEC Changes Require Reboot on Thu, 28 Sep 2017 15:37:55 GMT

jimp — Thu, 28 Sep 2017 15:37:55 GMT

@khancock:

If I add another Phase 2 entry I have to reboot.

I make P2 changes all the time and they take effect when expected, you'll have to be more specific. Do these new P2s get added to only a single tunnel? Do they overlap anything else? Anything special about them?

Since this doesn't appear to be happening to anyone else, there must be something distinct about your setup that is triggering the behavior

@khancock:

I tried to restart just IPSEC but it does not work

Did you use the "restart" button or did you actually stop and then start the service as I suggested? A restart doesn't restart IPsec, it only tells strongSwan to reload the configuration file.

Reply to IPSEC Changes Require Reboot on Wed, 27 Sep 2017 22:44:03 GMT

khancock — Wed, 27 Sep 2017 22:44:03 GMT

If I add another Phase 2 entry I have to reboot. I tried to restart just IPSEC but it does not work. I thought this was due to old hardware so I upgraded to NetGate and the problem persists.

Reply to IPSEC Changes Require Reboot on Wed, 27 Sep 2017 15:20:21 GMT

jimp — Wed, 27 Sep 2017 15:20:21 GMT

What changes, specifically? I haven't ever seen that happen that I can recall.

Next time, instead of a reboot, if the changes do not apply then go to Status > Services and stop the IPsec service and then start it again. Do not use the restart button.