<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:8pt"><div id="yiv9098207885yui_3_7_2_38_1377568206375_40" style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt;">Hello Everyone,</div><div id="yiv9098207885yui_3_7_2_38_1377568206375_69" style="font-size: 12pt; font-family: 'times new roman', 'new  york', times, serif;"><br clear="none"></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_71" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;">I have a machine  Ubunto 12.0 with strongSwan 4.5.2.1.</div><div id="yiv9098207885yui_3_7_2_38_1377568206375_71" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;"><br></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_71" style="font-family: 'times
 new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;">I have observed if I  select  charonstat=yes and plutostart=no   ipsec is not listening in all interfaces and it never receives any connection from outside.</div><div id="yiv9098207885yui_3_7_2_38_1377568206375_71" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;"> </div><div id="yiv9098207885yui_3_7_2_38_1377568206375_71" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;">>>netstat  -ualn   shows the following:  </div><div id="yiv9098207885yui_3_7_2_38_1377568206375_76" style="background-color: transparent;"><font face="times new roman, new york, times, serif" size="3"><br></font></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_76" style="background-color: transparent;"><font face="times new
 roman, new york, times, serif" size="3">udp        0      0 0.0.0.0:500             0.0.0.0:* </font><br clear="none" id="yiv9098207885yui_3_7_2_38_1377568206375_81"></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;"><br></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;">If I select  charonstat=no  and plutostart=yes    then  it  will receive connection from outside </div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;"> </div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78"
 style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;">>>netstat  -ualn   shows the following:<br></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;"><br></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="background-color: transparent;"><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="background-color: transparent;"><font face="times new roman, new york, times, serif" size="3">udp        0      0 127.0.0.1:500           0.0.0.0:*                          </font></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="background-color: transparent;"><font face="times new roman, new york, times, serif"
 size="3">udp        0      0 192.168.1.209:500       0.0.0.0:*                          </font></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="background-color: transparent;"><font face="times new roman, new york, times, serif" size="3">udp        0      0 192.168.45.160:500      0.0.0.0:*       </font></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="background-color: transparent;"><font face="times new roman, new york, times, serif" size="3"><br></font></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="background-color: transparent;"><font face="times new roman, new york, times, serif" size="3"><br></font></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="background-color: transparent;"><font face="times
 new roman, new york, times, serif" size="3">Am I missing something here when I select Charnstart=yes ?</font></div></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;"><br></div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;">Thanks for the help.</div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;">Farid</div><div id="yiv9098207885yui_3_7_2_38_1377568206375_78" style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;"><br></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88"
 style="font-family: 'times new roman', 'new york', times, serif; font-size: 16px; background-color: transparent;"><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">Here is the ipsec.conf  and strongswan.com:</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">:<span style="background-color: transparent;">config setup</span></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88"
 style="background-color: transparent;">       <span style="background-color: transparent;">        </span></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">       <span style="background-color: transparent;"> plutodebug=all</span></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        charonstart=yes</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        plutostart=no</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div
 class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">conn    %default</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        keyingtries=1</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        keyexchange=ikev2</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        left=192.18.1.209</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        leftid=@lmu209</div><div
 class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        authby=secret</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        mobike=no</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        pfs=no</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><span style="background-color: transparent;">      auto=add</span><br></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div
 class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">here is the strongswan.conf in server side: ( Ubuntu):</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">~<span style="background-color: transparent;"># strongswan.conf - strongSwan configuration file</span></div><div
 class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">charon {</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        # number of worker threads in charon</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        threads = 16</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74"
 id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        # send strongswan vendor ID?</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        # send_vendor_id = yes</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        plugins {</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74"
 id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">                sql {</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">                        # loglevel to log into sql database</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">                        loglevel = 2</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color:
 transparent;">                        # URI to the database</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">                        # database = sqlite:///path/to/file.db</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">                        # database = mysql://user:password@localhost/database</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">                }</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74"
 id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        }</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">        # ...</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">}</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">pluto {</div><div
 class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">#  load = sha1 sha2 md5 aes des hmac gmp random kernel-netlink</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">}</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">libstrongswan {</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;"><br clear="none"></div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88"
 style="background-color: transparent;">        #  set to no, the DH exponent size is optimized</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">          dh_exponent_ansi_x9_42 = no</div><div class="yiv9098207885yui_3_7_2_66_1377622557688_74" id="yiv9098207885yui_3_7_2_38_1377568206375_88" style="background-color: transparent;">}</div></div></div></body></html>