,
Anand
- Original Message -
From: Tobias Brunner tob...@strongswan.org
To: anand rao anandrao...@yahoo.co.in
Cc: gowrishankar gowrishanka...@linux.vnet.ibm.com;
users@lists.strongswan.org users@lists.strongswan.org
Sent: Tuesday, April 10, 2012 3:57 PM
Subject: Re: [strongSwan] Charon
bytes_i, 0 bytes_o, rekeying in 5
minutes
toevm2-psk{1}: 192.168.1.0/24 === 192.168.2.0/24
Please help me as this is leading to hanging of charon daemon.
Thanks,
Anand
- Original Message -
From: gowrishankar gowrishanka...@linux.vnet.ibm.com
To: anand rao anandrao...@yahoo.co.in
-
From: Tobias Brunner tob...@strongswan.org
To: anand rao anandrao...@yahoo.co.in
Cc: users@lists.strongswan.org users@lists.strongswan.org
Sent: Monday, March 19, 2012 9:17 PM
Subject: Re: [strongSwan] Charon hangs after failing to delete Rekeyed IPsec SAs
Hi Anand,
conn %default
the redundant child SA issue on 4.3.6. Please suggest me in resolving this
issue.
Thanks,
Anand
- Original Message -
From: Tobias Brunner tob...@strongswan.org
To: anand rao anandrao...@yahoo.co.in
Cc: users@lists.strongswan.org users@lists.strongswan.org
Sent: Tuesday, March 20, 2012 2:25
Hi,
I am using strongswan 4.3.6
I have configured two peers to establish tunnel in tunnel mode.
Here is configuration in ipsec.conf
config setup
strictcrlpolicy=no
crlcheckinterval=180
plutostart=yes
charonstart=yes
nat_traversal=yes
conn %default
ikelifetime=10m
private key failed
I have attached caKey.der.
Please help.
Regards,
Anand
- Original Message -
From: Andreas Steffen andreas.stef...@strongswan.org
To: anand rao anandrao...@yahoo.co.in
Cc: users@lists.strongswan.org users@lists.strongswan.org
Sent: Friday, November 11, 2011 6:29 PM
):reason(168):NA:0:
8193:error:0D07803A:lib(13):func(120):reason(58):NA:0:Type=RSA
8193:error:0D09A00D:lib(13):func(154):reason(13):NA:0:
BR's
Anand
- Original Message -
From: Andreas Steffen andreas.stef...@strongswan.org
To: anand rao anandrao...@yahoo.co.in
Cc: users@lists.strongswan.org
Hi Andreas,
Please find the caKey.der attached. It was unreadable using cat command.
Regards
Anand
- Original Message -
From: Andreas Steffen andreas.stef...@strongswan.org
To: anand rao anandrao...@yahoo.co.in
Cc: users@lists.strongswan.org users@lists.strongswan.org
Sent: Friday
Hi,
I am using strongswan 4.3.6
I have tried generate certificates using strongswan PKI gen tool to generate
RSA certificate.
I am getting below errors.
root@evm1gw:/etc/cert# ipsec pki --gen caKey.der
root@evm1gw:/etc/cert#
root@evm1gw:/etc/cert# ipsec pki --self --in caKey.der --dn
Hi,
I have configured StrongSwan with --enable-openssl and
--enable-kernel-pfkey.
My setup consists of two hosts connected back to back and tunnel configured for
transport mode.
from one host I am running a script in a loop in which i am doing
ipsec up conn-host-host
sleep 2
ipsec down
Hi,
I am using strongswan 4.3.6. I have configured two peers to establish
tunnel
in transport mode.
from one peer I am running a script in a loop in which i am doing
ipsec up example
sleep 5
ipsec down example
sleep 5
For some time tunnel up/down happening successfully.
After a while I am
Hi,
I am trying to establish tunnel in transport mode between two hosts. I am
using strongswan 4.3.6 on both sides.
when I use default configuration or AES algorithm, tunnel establishes
successfully.
But if I use 3des algorithm (ike=3des-sha1-modp1536) I am getting following
errors.
Nov
I am using openssl plugin for crypto.
result of ipsec statusall is
000 Status of IKEv1 pluto daemon (strongSwan 4.3.6):
000 interface eth2/eth2 fec0::ef01:500
000 interface eth0/eth0 fec0::ee01:500
000 interface lo/lo ::1:500
000 interface lo/lo 127.0.0.1:500
000 interface eth0/eth0 1.1.1.1:500
Hi,
From the mailing list I found out that PLUTO doesn't have support for
PFKEYv2
kernel interface.
Can you please let me know which interface does PLUTO uses to communicate with
XFRM (kernel).
I am using strongswan 4.3.6 version.
Thanks
-Anand
Hi,
Is IKEv2 fallback to IKEv1 supported in strongswan4?
Here is my configuration
Host1 running both charon and pluto daemons.
both has the same connection defined in ipsec.conf, for conn1 keyexchange=ikev2
and conn2 keyexchange=ikev1.
Host2 running only pluto deamon and keyexchange=ikev1.
In
Hi,
I am trying a host to host IKE v2 setup. I am facing following error
whenever
i tried to do ipsec up host-host
initiating IKE_SA host-host[1] to 192.168.0.2
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
sending packet: from 192.168.0.1[500] to
16 matches
Mail list logo