strongSwan is an automatic keying daemon which tries to do a good job.
If everything is ok then there is no need to send any notify messages.
Therefore I don't know what you intend to. If you want to send
messages then use email or an instant messaging tool.
Andreas
Tilak Adhya wrote:
>
> Hi,
>
Hi,
Is it possible to configure strongSwan for sending NOTIFY message in
response of any messages? If possible what is the command ?
Thanks
Tilak
On Mon, 18 May 2009 15:56:36 +0530 wrote
>Tilak Adhya wrote:
>>
>> Hi Andreas,
>>
>> Thanks for your help. Here is the consistent debug inform
Hi,
> What is the command for deleting the created CREATE_CHILD_SA in
> strongSwan ?
To close CHILD_SAs, you can use curly brackets {}. Use
ipsec down conn1{}
to close the first found CHILD_SA named conn1, or use
ipsec down {2}
to close the CHILD_SA with reqid 2 (as seen in statusall).
Reg
Hi Andreas,
Thanks for your help. I have another doubt regarding strongSwan
CREATE_CHILD_SA. Can I delete the CREATE_CHILD_SA from the strongSwan
side? What is the command for deleting the created CREATE_CHILD_SA in
the strongSwan ?
My requirement is to delete the CREATE_CHILD_SA in strongSwa
Tilak Adhya wrote:
>
> Hi Andreas,
>
> Thanks for your help. Here is the consistent debug information.
>
> You are saying that I need to send Traffic Selectors(TS) with the
> CREATE_CHILD_SA request. But in the RFC 4306, it is clearly written
> that TS are optional in the request-response for CR
Hi Tilak,
first a few comments on your ipsec.conf file:
>config setup
> interfaces="ipsec0=eth0"
The interfaces options is for the FreeS/WAN KLIPS
IPsec stack and is completely obsolete
> klipsdebug=all
> plutodebug=all
These debug options are for the IKEv1 pluto daemon
and n
Hi Tilak,
I suspect that Andreas meant the log files output by strongswan. The
file you sent seems to be created by some tool called "IxANVL -
Automated Network Validation Library (ANVL)" which was built to verify
the correct implementation of network protocols.
So you are setting IxANVL at str
H Tilak,
without any log and configuration information we cannot possibly
help you.
Regards
Andreas
Tilak Adhya wrote:
> Hi,
>
> I am new to this list and using Strongswan for the last 2 months... I
> am facing a problem regarding the CREATE_CHILD_SA for IKEV2 with
> Strongswan. I have conne
Hi,
I am new to this list and using Strongswan for the last 2 months... I
am facing a problem regarding the CREATE_CHILD_SA for IKEV2 with
Strongswan. I have connected two Strongswan back to back but not able
to send CREATE_CHILD_SAs. Also, I sent CREATE_CHILD_SA but Strongswan
is not respondi
