Schedules for IPSec tunnels
we have configured a new IPSec Tunnel to Amazon AWS VPC.
Amazon charges $0.05 per VPN Connection-Hour... we really do not need the tunnel 24/7 ;-)
To save money the idea is to stop and start the tunnel with a crontable entry.
My question: how can I start/stop or enable/disable a particular IPSec tunnel on the command line?
i know that you can start / stop ipsec services with
pfSsh.php playback svc stop ipsec pfSsh.php playback svc start ipsec
but i don't know for a specific tunnel if it's possible
many thx kiokoman this solution is working as cron entries ;-)
Unfortunately I have other vpn tunnels which must be up, so I cannot use it.
Perhaps this will help
ipsec up <name> tells the IKE daemon to start up connection <name>. Implemented by calling the ipsec stroke up <name> command. ipsec down <name> tells the IKE daemon to terminate connection <name>. Implemented by calling the ipsec stroke down <name> command.
For example ,
ipsec down con2000
@Konstanti many thx .. that's it
btw. the connection name is displayed in the first column in the IPSec-Status Page table:
"con1000: #4" => con1000
@sepp_huber Amazon will bill you whether the tunnel is up or down. You have to completely disable it on the AWS side to stop the billing.
Nice try :-(
@Derelict : thx for the hint.
There is no feature to disable it, it must be deleted to stop billing ... and if you create it again you get a new configuration, not very cost efficient...