Hi,
I have GW1 and GW2 redundant firewalls (isakmpd+pf+carp+sasyncd).
Is there a way to see which security associations are marked as "replaced" on
the backup GW?
"ipsecctl -s all -v -v" shows a lot but it does not seem to show that.
On the master (let's say GW1),
echo "S" > /var/run/isakmpd.fifo then
vi isakmpd.report
shows the flags, but I'm interested in the SAs from the backup GW2 which were
created by sasyncd.
Basically, after the old SAs' soft time has expired and new SAs are created, I want to
see the old ones marked as SA_FLAG_REPLACED and the new ones SA_FLAG_ALIVE on
the backup firewall.
Is there a way?
Thank you,
Catalin