Still hoping for some insight into two problems I'm seeing with a Windows 7 IKEv2 road-warrior setup:
1) Charon fails to release ip address with "releasing address to pool 'rw-win7' failed" 2) Windows 7 does not create a route to support the subnet behind the Strongswan gateway when "class based route addition" is selected Strongswan 4.3.6 is installed on CentOS 5.4 (kernel 2.6.18) and configured with: ./configure --sysconfdir=/etc --prefix=/usr --enable-eap-mschapv2 --enable-eap-identity --enable-md5 --enable-md4 --enable-nat-transport --- ipsec.conf --- config setup plutostart=no charonstart=yes conn %default ike=aes256-sha1-modp1024! esp=aes256-sha1! dpdaction=clear dpddelay=300s rekey=no left=10.0.0.1 leftsubnet=192.168.0.0/24 left...@10.0.0.1 leftcert=10.0.0.1.crt leftfirewall=yes conn rw-win7 mobike=yes keyexchange=ikev2 right=%any rightsourceip=192.168.7.0/24 rightauth=eap-mschapv2 rightsendcert=never eap_identity=%any auto=add --- /etc/strongswan.conf --- # strongswan.conf - strongSwan configuration file charon { dns1 = 192.168.0.1 dns2 = 192.168.0.2 nbns1 = 192.168.0.3 # Two defined file loggers. Each subsection is either a file # in the filesystem or one of: stdout, stderr. filelog { /var/log/charon.log { # loggers to files also accept the append option to open files in # append mode at startup (default is yes) append = no # the default loglevel for all daemon subsystems (defaults to 1). default = 1 } stderr { # more detailed loglevel for a specific subsystem, overriding the # default loglevel. ike = 2 knl = 3 } } # And two loggers using syslog. The subsections define the facility to log # to, currently one of: daemon, auth. syslog { # default level to the LOG_DAEMON facility daemon { } # very minimalistic IKE auditing logs to LOG_AUTHPRIV auth { default = -1 ike = 0 } } } Any ideas? Kevin _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users