[strongSwan] 5.0.1 unable to set UDP_ENCAP: Protocol not available

Hello, all I was trying to setup a IPv6 tunnel with strongSwan as the client. strongSwan sent the IKE_SA_INIT  to my SGW and the SGW  properly responded. Wireshark capture indicated that the IKE_SA_INIT response was received on the network interface that strongSwan was listening on, however t

[strongSwan] unable to install source route for IPv6

Hello, Andreas, hello all I am trying to bring up a IPv6 tunnel between my SeGW and a strongSwan client running on Linux. The tunnel was able to be setup however strongSwan failed to install the route for virtual endpoint IP (assigned by the SeGW). Thus I was not able to pass data over the tunn

[strongSwan] R_U_THERE_ACK has invalid SPI length (16)

Hi, I have seen this error in the pluto debug log "secure" when testing DPD against my SeGW, I wonder what this error really means. Per RFC3706, the SPI length should be set to 16 in the R_U_THERE/R_U_THERE_ACK messages. So does this error mean something else wrong in the R_U_THERE_ACK sent by

[strongSwan] Question on sending "INTERNAL_IP4_SUBNET" in CFG

Hi, Can strongSwan (as client) send INTERNAL_IP4_SUBNET in Configuration Payload? How to configure it? Thanks very much for your help Nan --- On Fri, 6/24/11, Nan Luo wrote: From: Nan Luo Subject: [strongSwan] Question on sending "INTERNAL_IP4_DNS" in CFG To: users@lists.strongswa

[strongSwan] Question on sending "INTERNAL_IP4_DNS" in CFG

Hi, I am testing a SeGW with strongSwan as the client. I am trying to have strongSwan sending multiple attributes ("INTERNAL_IP4_ADDRESS" and "INTERNAL_IP4_DNS") in the Configuration payload to my SeGW, but strongSwan always includes only one attribute ("INTERNAL_IP4_ADDRESS"), any configuratio

[strongSwan] EAP-SIM Identity Request/Response

Hi, Martin, Hi, Andreas, Hi, all I am testing EAP-SIM with strongSwan as the client against a Security Gateway. I wonder if strongSwan supports the EAP-SIM authentication mechanism defined in 3GPP TS43.318V7.5.0. The difference between this EAP-SIM scheme and a standard one defined in RFC4186 i

[strongSwan] strongSwan IKEv1 question

Hi, I am trying to setup a IKEv1 tunnel with a Security Gateway using strongSwan as client. But the tunnel failed at phase 2 negotiation with the following errors, can some one help? [root@acme94 etc]# /usr/local2/sbin/ipsec up pskv1002 "pskv1" #3: initiating Main Mode102 "pskv1" #3: STATE_MAIN

[strongSwan] strongSwan EAP-AKA support with FreeRADIUS

Hi, I am testing EAP-AKA with strongSwan as the client and FreeRADIUS as the authentication server against a Security Gateway. The SeGW here runs in the pass-through (relaying) mode for all EAP signaling. The EAP-AKA failed because strongSwan sends AKA_AUTHENTICATION_REJECT. I know I have to so