ISAKMPD | stopping, flushing, reloading

Stopping: If isamkmpd is running in the foreground, ctrl+c does not flush existing connections (SAD’s). Do a little ipsecctl -F kill -9 kills only the daemon, the connections stay alive. Use kill -TERM instead. Or use the isakmpd FIFO user interface: echo ‘Q’ > /var/run/isakmpd.fifo Reloading: kill -HUP or echo ‘R’ > /var/run/isakmpd.fifo

OpenBSD | isakmpd

/etc/sysctl.conf net.inet.esp.enable=1 # Enable the ESP IPsec protocol net.inet.ah.enable=1 # Enable the AH IPsec protocol net.inet.ip.forwarding=1 # Enable IP forwarding for the host. net.inet.ipcomp.enable=1 # Optional: compress IP datagrams /etc/rc.conf isakmpd_flags=”” # Avoid keynote(4) policy checking ipsec=YES # Load ipsec.conf(5) rules