Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

ipsec_ikeping(8) [centos man page]

IPSEC_IKEPING(8)						Executable programs						  IPSEC_IKEPING(8)

NAME

       ipsec_ikeping - send/receive ISAKMP/IKE echo requests/replies

SYNOPSIS

       ipsec ikeping [--listen] [--verbose] [--wait time] [--exchangenum num] [--ikeport localport] [--ikeaddress address] [--inet] [--inet6]
	     destaddr [/dstport...]

DESCRIPTION

       Ikeping sends and receives ISAKMP/IKE echo request and echo reply packets. These packets are intended for diagnostics purposes, in a manner
       similar to ping(8) does for ICMP echo request/reply packets.

       At the time of this writing, the ISAKMP echo request/reply exchange is still an internet-draft (draft-richardson-ipsec-ikeping-00), and is
       therefore completely non-standard. The Libreswan IKE daemon pluto does implement this draft, so ikeping can be used to test connectivity to
       an libreswan ipsec server.

       Ikeping will bind to the local address given by --ikeaddress and the port number given by --ikeport defaulting to the wildcard address and
       the ISAKMP port 500. An ISAKMP exchange of type 244 (a private use number) is sent to each of the address/ports listed on the command line.
       The exchange number may be overridden by the --exchangenum option.

       Ikeping then listens for replies, printing them as they are received. Replies are of exchange type 245 or the specified exchange number
       plus 1.	Ikeping will keep listening until it either receives as many echo responses as it sent, or until the timeout period (5 seconds)
       has been reached. Receipt of a packet will reset the timer. The --wait option can be used to specify a different timeout period.

       If the --listen option is given, then ikeping will not send any packets. Instead, it will listen for them and reply to each request
       received.

       If the --natt option is given, then ikeping will set the socket to permit UDP encapsulated ESP packets. This is only useful in listen mode.

FILES

       no external files

SEE ALSO

       ping(8), ipsec_pluto(8)

HISTORY

       Written for the Linux FreeS/WAN project <http://www.freeswan.org> by Michael Richardson.

AUTHOR

       Paul Wouters
	   placeholder to suppress warning

libreswan							    12/16/2012							  IPSEC_IKEPING(8)

Check Out this Related Man Page

IPSEC_ADDCONN(8)						Executable programs						  IPSEC_ADDCONN(8)

NAME

       ipsec_addconn - load a given policy into the pluto IKE daemon

SYNOPSIS

       ipsec addconn --configsetup [--rootdir dir] [--config filename] [--ctlbase socketfile] [--verbose] [--noexport] [--warningsfatal]

       ipsec addconn --liststack [--rootdir dir] [--config filename] [--ctlbase socketfile] [--verbose] [--noexport] [--warningsfatal]

       ipsec addconn --checkconfig [--rootdir dir] [--config filename] [--ctlbase socketfile] [--verbose] [--warningsfatal]

       ipsec addconn --autoall [--rootdir dir] [--config filename] [--ctlbase socketfile] [--verbose] [--warningsfatal] [--defaultroute addr]
	     [--defaultroutenexthop addr]

       ipsec addconn [--rootdir dir] [--config filename] [--ctlbase socketfile] [--verbose] [--warningsfatal] [--defaultroute addr]
	     [--defaultroutenexthop addr] name1 [name2 ..]

       ipsec addconn [--listall] [--liststart] [--listroute] [--listadd] [--listignore] [--rootdir dir] [--config filename] [--ctlbase socketfile]
	     [--verbose] [--warningsfatal]

       ipsec addconn --help

DESCRIPTION

       ipsec addconn takes a config file (or stdin) containing the format of ipsec.conf, or the format of individual "conn" sections, and uses
       that information to load named or all connections defined in that configuration file into the running libreswan pluto IKE daemon. If no
       configuration file is specified, the default configuration file is used. If no pluto socket is specified, the default socket location will
       be used.

       When --addall is used, all connections defined in the config file will be operated on. Otherwise, only the specified connection names will
       be affected.

       When addcon is run, connections that have the auto= option set to add, start or route will be loaded, routed or initiated. If a connection
       was loaded or initiated already, it will be replaced.

       When --configsetup is specified, the configuration file is parsed for the config setup section and printed to the terminal usable as a
       shell script. These are prefaced with export unless --noexport is specified.

       When --checkconfig is specified, the configuration file is parsed and all sections are checked for correct syntax. If an error is found,
       information about it is printed to the terminal.

       When --listroute or --liststart is specified, no connections are added or replaced, only shown. This command can be used to verify which
       connections the addcon command would act upon, without actually performing any action.

HISTORY

       Man page written for the Libreswan project <http://www.libreswan.org/> by Paul Wouters

AUTHOR

       Paul Wouters
	   placeholder to suppress warning

libreswan							    12/16/2012							  IPSEC_ADDCONN(8)
Man Page