Name

ipsec-start — Add, route, and up a connection

Synopsis

ipsec start connection [--config /etc/ipsec.conf] [--ctlsocket /run/pluto/pluto.ctl] [--dry-run]

DESCRIPTION

ipsec start without any options requests initsystem to start ipsec service.

ipsec start with connection option is equivalent to running first ipsec add connection and then ipsec up connection, causing same effect as connection configuration option auto=start on startup.

This sets up connection to be added to the pluto internal database and establishing the connection immediately.

Note: you might also need to run ipsec rereadsecrets when your new connection uses pre-shared key (PSK) authentication, authby=secret because secrets keys are only being read at startup.

With --dry-run the underlying whack or addconn command is displayed but not executed.

SEE ALSO

ipsec.conf(5), ipsec(8), ipsec-add(8), ipsec-algparse(8), ipsec-briefconnectionstatus(8), ipsec-briefstatus(8), ipsec-certutil(8), ipsec-checkconfig(8), ipsec-checknflog(8), ipsec-checknss(8), ipsec-connectionstatus(8), ipsec-crlutil(8), ipsec-delete(8), ipsec-down(8), ipsec-ecdsasigkey(8), ipsec-fetchcrls(8), ipsec-fipsstatus(8), ipsec-globalstatus(8), ipsec-import(8), ipsec-initnss(8), ipsec-letsencrypt(8), ipsec-listall(8), ipsec-listcacerts(8), ipsec-listcerts(8), ipsec-listcrls(8), ipsec-listen(8), ipsec-listpubkeys(8), ipsec-modutil(8), ipsec-newhostkey(8), ipsec-ondemand(8), ipsec-pk12util(8), ipsec-pluto(8), ipsec-purgeocsp(8), ipsec-redirect(8), ipsec-replace(8), ipsec-rereadall(8), ipsec-rereadcerts(8), ipsec-rereadsecrets(8), ipsec-restart(8), ipsec-route(8), ipsec-rsasigkey(8), ipsec-setup(8), ipsec-showhostkey(8), ipsec-showroute(8), ipsec-showstates(8), ipsec-shuntstatus(8), ipsec-status(8), ipsec-stop(8), ipsec-trafficstatus(8), ipsec-unroute(8), ipsec-up(8), ipsec-vfychain(8), ipsec-whack(8)

BUGS

none

AUTHOR

Tuomo Soini