Re: [strongSwan] OpenWRT. IPSec server

2018-01-11 Thread Noel Kuntze
Hi, Create and provide logs. List all information in the format and with the commands as described on the HelpRequests page. Kind regards Noel On 06.01.2018 07:15, Sujoy wrote: > Hi All, > > We are able to connect to StrongSwan IPSec using LAN IP. But in the same > system which is having

Re: [strongSwan] OpenWRT. IPSec server

2018-01-10 Thread Sujoy
Hi Neon, when I run "IPSec up tunnel", I get the below message.
scheduling reauthentication in 2905s
maximum IKE_SA lifetime 3445s
received TS_UNACCEPTABLE notify, no CHILD_SA built
failed to establish CHILD_SA, keeping IKE_SA
establishing connection 'tunnel' failed
Following is my client

Re: [strongSwan] OpenWRT. IPSec server

2018-01-04 Thread Luka Logar
Hi, I am using OpenWrt + strongSwan + freeradius (password) peap auth on my home routers (DIR860 and WNDR3700). It all works quite nicely although it took some time to set up freeradius correctly...

Re: [strongSwan] OpenWRT. IPSec server

2018-01-04 Thread Giuseppe De Marco
On LDAP or Radius it is possible to auth over a NT-Password and I think LM as well, yes AD format. I often use mschap for testing purposes and it would be great to have an embedded but configurable strongswan server in a cheap router. 2018-01-04 14:46 GMT+01:00 Noel Kuntze <

Re: [strongSwan] OpenWRT. IPSec server

2018-01-04 Thread Noel Kuntze
Not on openwrt. But you need plaintext or AD like passwords in LDAP. Otherwise you can't auth with mschap(v2). On 04.01.2018 14:38, Giuseppe De Marco wrote: > Yes Noel and thank you, my question is: > Are there any experiences about running strongswan in openwrt as ikev2 server > with

Re: [strongSwan] OpenWRT. IPSec server

2018-01-04 Thread Giuseppe De Marco
Yes Noel and thank you, my question is: Are there any experiences about running strongswan in openwrt as ikev2 server with mschap,radius,ldap auth backend? 2018-01-04 14:17 GMT+01:00 Noel Kuntze < noel.kuntze+strongswan-users-ml@thermi.consulting>: > Hi, > > `ipsec` is just a command line tool.

Re: [strongSwan] OpenWRT. IPSec server

2018-01-04 Thread Noel Kuntze
Hi, `ipsec` is just a command line tool. It's not a daemon (or generally a service). Are there any open questions? Kind regards Noel On 04.01.2018 14:14, Giuseppe De Marco wrote: > Hi and thank you Noel, > I meant to run ipsec and charon in the embedded openwrt router, I use dpd as > well >

Re: [strongSwan] OpenWRT. IPSec server

2018-01-04 Thread Giuseppe De Marco
Hi and thank you Noel, I meant to run ipsec and charon in the embedded openwrt router, I use dpd as well
# dead-peer detection to clear any "dangling" connections in case the client unexpectedly disconnects
dpdaction=clear
# If the tunnel has no traffic for this long (default 30 secs), Charon

Re: [strongSwan] OpenWRT. IPSec server

2018-01-03 Thread Noel Kuntze
Hi, Only on the responder. If you use dpd and enforce UDP encapsulation, you do not need to open any ports on the initiator side. Refer to the UsableExamples wiki page[1] for example configurations that are usable in the real world. Kind regards Noel [1]

Re: [strongSwan] OpenWRT. IPSec server

2017-12-29 Thread Giuseppe De Marco
Hi, Do you compile firmware by yourself or install packages in a stable release using the opkg command? If you open port 4500, that means that you use ikev2/charon, doesn't it? I customize openwrt and lede firmwares for specific purposes, my packages are here:

[strongSwan] OpenWRT. IPSec server

2017-12-28 Thread Sujoy
Hi All, We want to implement StrongSwan, with IPsec in OpenWRT. IPSec server will be running in CentOS and the OpenWRT router will connect to it using VPN. I have configured the server part, struggling to configure the client part. Do we need to open port 4500 for this first? Anyone can