Hello All,
I'm trying to use Strongswan as a IKEv2 daemon (i.e charon) and add
the policies via setkey at runtime. Is that allowed with Strongswan?
As per my test results, though I'm able to flush the policies added by
Strongswan using setkey, but strongswan doesn't takes into account the
Hi list
I connect to strongswan 4.6.1 with a mobile vpn client and if the internet
connection is sudden broken, I can not reconnect until strongswan declair the
connection as dead. In this case I need to wait 180 seconds. I configured the
connection with ModeCfg and rightsourceip.
When I
Hello Deepika,
please have a look at our Mobile IPv6 scenario
http://wiki.strongswan.org/projects/strongswan/wiki/MobileNodeSetup
where the MIPv6 daemon installs the policy. With the ipsec.conf
option
installpolicy=no
you can prevent the charon daemon from installing and deleting
IPsec
Hello Gowri,
this seems to be the same problem (however I cannot confirm that
SIGSEGV is the culprit in my case).
I saw that you hadn't been able to reproduce the error on x86. My
error occurred on x86 while running on virtualized hardware (virtual
box).
Sincerely,
Vilhelm Jutvik
2012/3/21
Hi Vilhelm,
It works though if you limit the debugging level and / or the number
of debugging options. I've reproduced this several times just to be
sure. Why is this?
The problem line was (in full):
charondebug=asn 3,knl 3,mgr 3,ike 3,chd 3,net 3,enc 3
It works if you change it so (e.g.)
No, there was no such message in my logs. Furthermore, the starter
process didn't die. You had to kill it manually, remove the PID file
and then type ipsec start again.
I think I suffered from the same problem as experienced by Gowri.
Regards,
Ville
2012/3/21 Tobias Brunner
Hi Vilhelm,
On Wednesday 21 March 2012 03:24 PM, Vilhelm Jutvik wrote:
Hello Gowri,
this seems to be the same problem (however I cannot confirm that
SIGSEGV is the culprit in my case).
So, can you check/paste what is happening while ENC
parsing IKE_SA_INIT response for SA payload. You can
Planning to run Strongswan on RHEL 5.7 2.6.18-274.el5. Do you recommend any
necessary or critical updates to the kernel for running Strongswan for a simple
X.509 cert authentication based Charon configuration.
Regards,
-sanjay
[cid:tree5ea6.png]Please consider the environment before printing
