Start and restart IPsec tunnels

Post your thoughts and suggestions here!
Post Reply
kgtyroll
Posts: 3
Joined: 10 May 2009, 22:00

Start and restart IPsec tunnels

Post by kgtyroll » 18 Feb 2022, 13:19

Hi

It would be a welcome feature in the Firewall WEB UI to have the option to start/restart an IPsec tunnel. Even though the problem is rarely on the Clavister end, it could be a good assist in the UI while troubleshooting tunnels with external parties.
Normally restart can be done with killing the IKE SA, but it can be improved a lot.

Most other vendors have the option to also initiate the tunnel - and a lot of them the option to decide on what P1 and P2 SAs to restart. So you would actually be able to restart a single P2 SA without tearing everything down (depending on the configuration).

The IPsec status page can also be improved (in the UI) with information about current P2 tunnel lifetime etc.


Best regards
Kaare

Post Reply