Hi all,
I want to enable charon and disable pluto in order to limit to IKEv2
without 'mobike'.
When I enable charon in ipsec.conf,
- does charon support only ipv6?
(It was not clear whether this is the default behavior for 'charon' in
the description http://www.strongswan.org/index.htm)
- I
Auto Detect! The Best!
Thank You!
Andreas Steffen wrote:
Hi Yong Choo,
we don't use the --ipv4, --ipv6, --tunnelipv4, and --tunnelipv6
options at all. I think they are FreeS/WAN legacy and should be
removed from our man pages.
Both strongSwan pluto and strongSwan charon detect IPv4 and
Will the charon's log show the auto-detected ipv4 .vs. ipv6 per connection?
I looked at the daemon.log auth.log example but did not see. Perhaps I
need to enable more charon debug level?
Yong Choo wrote:
Auto Detect! The Best!
Thank You!
Andreas Steffen wrote:
Hi Yong Choo,
we don't
Martin,
I can pass authentication now after I set subjectAltName, but I always failed
when I use the DN. Curious what is wrong.
Thanks,
Roger
-Original Message-
From: users-boun...@lists.strongswan.org [mailto:users-
boun...@lists.strongswan.org] On Behalf Of Zhang, Long (Roger)
Hi,
I am trying IPSec with StrongSwan on two Linux. The example is
http://www.strongswan.org/uml/testresults43/ikev2/host2host-cert/
Currently I see a problem no trusted RSA public key found. I do not know
why it is reported. My certificate sunCert.pem looks good. And the CA is shared
for
Andreas,
Thanks for your detail explanation.
One more question. I can not find the daemon.log on moon side. Seems like it is
not generated. Then how can I generate it? The moon side is Fedora Core 9 Linux.
Roger
-Original Message-
From: Andreas Steffen
Hi Roger,
you have a time synchronisation problem on your linux boxes.
The certificate you generated starts to be valid (notBefore) on
Aug 27 13:45:47 UTC 2009
The current time on moon is not known but on sun it is
Aug 27 10:10:11 (Shandong local time).
Since in China you are ahead of UTC by
Andreas,
Thanks a lot for your help. I have doubt the time difference, but not checked
the timezone. I have root permission, I will change the system time.
Roger
-Original Message-
From: Andreas Steffen [mailto:andreas.stef...@strongswan.org]
Sent: Thursday, August 27, 2009 1:37 PM