Hi,

In a FreeBSD router (5.4-stable), there are currently 50 IPSEC VPN
connections running with 50 remote sites, now I need to add one more
(new) vpn to it without resetting the existing VPN connection.
Therefore I have created a script (new-vpn.sh):

#!/bin/sh

# Tunnel to kgportsmith
/sbin/ifconfig gif108 destroy
/sbin/ifconfig gif108 create
/sbin/ifconfig gif108 tunnel 10.152.34.74 10.154.3.74
/sbin/ifconfig gif108 inet 10.1.1.1 10.1.1.33 netmask 255.255.255.0
/sbin/route delete 10.1.33.1/24
/sbin/route delete 172.17.33.0/24
/sbin/route add 10.1.33.1/24 10.1.1.33
/sbin/route add 172.17.33.0/24 10.1.1.33

setkey -c << EOF

# Setup policies with kgportsmith
spdadd 10.152.34.74 10.154.3.74 any -P out ipsec
esp/tunnel/10.152.34.74-10.154.3.74/require ;
spdadd 10.154.3.74 10.152.34.74 any -P in ipsec
esp/tunnel/10.154.3.74-10.152.34.74/require ;
add 10.152.34.74 10.154.3.74 esp 2797 -m tunnel -E blowfish-cbc
0x11205611340CCEA4C816670A4A8DD2A67403F46A08169850 DC0B8E2989C3C2094CEF174297ECCF39644B6C4E28D5A3BD4C 0861DD7094E398
-A hmac-sha1 0x2C49F538BAF74917311382F7EE42CC43FBDBDA4B ;
add 10.154.3.74 10.152.34.74 esp 4074 -m tunnel -E blowfish-cbc
0x82A7C78A8C1F8B0DF8EE75F4BEEA5A26D987C6237D43ED98 EF3E2A18D2B7F2C94674E1E4B1FAFE645CCB2C18603646E20E B925B06AEC4F6B
-A hmac-sha1 0xCE1D85113D11D43C061E499CFFECCD81D50A3530 ;

EOF

### END OF SCRIPT ###

Will this script (especially the setkey -c) erase (reset) the existing
VPN connection and security keys)?

Thanks
S