Hi Martin
Rolf,
Starting strongSwan 5.1.3 IPsec [starter]...
!! Your strongswan.conf contains manual plugin load options for charon.
!! This is recommended for experts only, see
!! http://wiki.strongswan.org/projects/strongswan/wiki/PluginLoad
You should really take this warning seriously, it
Rolf,
> Starting strongSwan 5.1.3 IPsec [starter]...
> !! Your strongswan.conf contains manual plugin load options for charon.
> !! This is recommended for experts only, see
> !! http://wiki.strongswan.org/projects/strongswan/wiki/PluginLoad
You should really take this warning seriously, it is th
Hi Noel
You are right, I need a newer Version for libipsec. I did compile now newest
strongSwan:
./configure --prefix=/usr/strongswan-5.1.3 --sysconfdir=/etc/config/strongswan
--enable-kernel-libipsec
make
make install
Some output:
...
...
strongSwan will be built with the following plugins
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello Rolf,
OpenVZ virtualised guests do not have their own kernel and are not allowed to
access the XFRM policies of the host kernel.
That's why that doesn't work. Use libipsec as a backend, instead of netlink.
libipsec works in userspace.
You p
Hi Rolf,
On 14-05-09 01:31 PM, Rolf Schöpfer wrote:
> Hi
>
> Today I didn't succed to configure site2site VPN with strongSwan. Details:
>
> - Server Debian 7.3 32-bit, OpenVZ VM (Host is Proxmox)
I believe it's still not possible to run IPsec inside an OpenVZ
container. Since you are using Pro
Hi
Today I didn't succed to configure site2site VPN with strongSwan. Details:
- Server Debian 7.3 32-bit, OpenVZ VM (Host is Proxmox)
- I did configure 'Gateway moon' of
http://www.strongswan.org/uml/testresults4/ikev2/rw-psk-ipv4/
# ipsec start
Starting strongSwan 4.5.2 IPsec [starter]...
!!
