[strongSwan] charon supports ipv4 or ipv6?

Hi all, I want to enable charon and disable pluto in order to limit to IKEv2 without 'mobike'. When I enable charon in ipsec.conf, - does charon support only ipv6? (It was not clear whether this is the default behavior for 'charon' in the description http://www.strongswan.org/index.htm) - I

Re: [strongSwan] charon supports ipv4 or ipv6?

Auto Detect! The Best! Thank You! Andreas Steffen wrote: Hi Yong Choo, we don't use the --ipv4, --ipv6, --tunnelipv4, and --tunnelipv6 options at all. I think they are FreeS/WAN legacy and should be removed from our man pages. Both strongSwan pluto and strongSwan charon detect IPv4 and

Re: [strongSwan] charon supports ipv4 or ipv6?

Will the charon's log show the auto-detected ipv4 .vs. ipv6 per connection? I looked at the daemon.log auth.log example but did not see. Perhaps I need to enable more charon debug level? Yong Choo wrote: Auto Detect! The Best! Thank You! Andreas Steffen wrote: Hi Yong Choo, we don't

Re: [strongSwan] no matching peer config found

Martin, I can pass authentication now after I set subjectAltName, but I always failed when I use the DN. Curious what is wrong. Thanks, Roger -Original Message- From: users-boun...@lists.strongswan.org [mailto:users- boun...@lists.strongswan.org] On Behalf Of Zhang, Long (Roger)

[strongSwan] no trusted RSA public key found

Hi, I am trying IPSec with StrongSwan on two Linux. The example is http://www.strongswan.org/uml/testresults43/ikev2/host2host-cert/ Currently I see a problem no trusted RSA public key found. I do not know why it is reported. My certificate sunCert.pem looks good. And the CA is shared for

Re: [strongSwan] no matching peer config found

Andreas, Thanks for your detail explanation. One more question. I can not find the daemon.log on moon side. Seems like it is not generated. Then how can I generate it? The moon side is Fedora Core 9 Linux. Roger -Original Message- From: Andreas Steffen

Re: [strongSwan] no trusted RSA public key found

Hi Roger, you have a time synchronisation problem on your linux boxes. The certificate you generated starts to be valid (notBefore) on Aug 27 13:45:47 UTC 2009 The current time on moon is not known but on sun it is Aug 27 10:10:11 (Shandong local time). Since in China you are ahead of UTC by

Re: [strongSwan] no trusted RSA public key found

Andreas, Thanks a lot for your help. I have doubt the time difference, but not checked the timezone. I have root permission, I will change the system time. Roger -Original Message- From: Andreas Steffen [mailto:andreas.stef...@strongswan.org] Sent: Thursday, August 27, 2009 1:37 PM