I have a connection configured on my libreswan instance on two machines.
The connection start automatically when I start the pluto daemon, I have try other settings, but the connection also starts if I do a ping
and the service is up, however, I want it to remain disable until I explicitly tell it to be up ipsec auto --up <name>
, is it posible?
Also, once the connection is started, there is no way to shut it down, ipsec auto --down <name>
appears to do nothing since the connection is started again automatically a few seconds after the command, how can I shut it down until I want it up again?
Thanks for your help
EDIT:
This is the connection File
/etc/ipsec.d/host_to_host.conf
_________________________________________________________
conn h2h
leftid=@a
left=192.168.137.14
leftrsasigkey=****
rightid=@b
right=192.168.1.45
rightrsasigkey=****
authby=rsasig
auto=ondemand