Hello, I am writing as I can't get my Strongswan configuration to work. I am using it to test an IKEv2 implementation of mine built for the IoT OS (Internet of Things) Contiki.
I've just set up Strongswan 4.5.2 from Ubuntu's packages. I've set my SPD to require protection for some services and my SAD is clean. When I use a user-level app to send some data to trigger the IKE_SA negotiation, nothing is sent. According to syslog, charon creates an acquire job for the SPD policy in question and then it stops with the line: "charon: [15]CFG trap not found, unable to acquire reqid 0" I've googled the error, to no avail. I found the error rather odd as my setup should be very common, with the exception that I'm using an elliptic curve group and IPv6. I would be very thankful for any help with this as I find myself stuck. Best regards, Vilhelm Jutvik This is my strongswan.conf: ===================================== # /etc/strongswan.conf - strongSwan configuration file # charon { # load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown # } This is my ipsec.conf: ===================================== config setup crlcheckinterval=180 strictcrlpolicy=no plutostart=no charondebug="asn 4, knl 4,mgr 4,ike 4,chd 4,net 4,enc 4" conn %default auth=esp authby=psk esp=aes128ctr-aesxcbc! ikelifetime=60m keylife=20m keyingtries=1 rekeymargin=3m keyexchange=ikev2 ike=aes128ctr-aesxcbc-ecp192! type=transport Here's from ip xfrm policy: ===================================== src aaaa::/64 dst aaaa::1/128 proto udp dir fwd priority 2147483648 tmpl src :: dst :: proto esp reqid 0 mode transport src aaaa::/64 dst aaaa::1/128 proto udp dir in priority 2147483648 tmpl src :: dst :: proto esp reqid 0 mode transport src aaaa::1/128 dst aaaa::/64 proto udp dir out priority 2147483648 tmpl src :: dst :: proto esp reqid 0 mode transport src ::/0 dst ::/0 socket in priority 0 src ::/0 dst ::/0 socket out priority 0 src ::/0 dst ::/0 socket in priority 0 src ::/0 dst ::/0 socket out priority 0 src ::/0 dst ::/0 socket in priority 0 src ::/0 dst ::/0 socket out priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users