diff --git a/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py b/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py index b8d868e6f..708952a1f 100644 --- a/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py +++ b/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py @@ -158,8 +158,20 @@ class StrongSwanProcess(ipsec.BaseSwanProcess): def restart(self): """Restart the process.""" + self.reload_secrets() self.reload() + def reload_secrets(self): + """Reload the ipsec.secrets file. + + Flushes and rereads all secrets defined in ipsec.secrets. This needs + to be done each time when a new site connection is associated with + a VPN service which already hosts a site connection - 'ipsec reload' + does not reload the secrets and new connections will not authenticate + properly. + """ + self._execute([self.binary, 'rereadsecrets']) + def reload(self): """Reload the process.