<div dir="ltr"><div><div>Sorry, my bad, I've edited backup config file.<br>If I execute command:<br>>./ipsec --directory<br>I get:<br>/usr/local/libexec/ipsec<br></div><div>So config file is in /usr/local/etc/</div>
<div><br>Now I edited /usr/local/etc/strongswan.conf, added routing_table=0 (without "charon." key) and netlink error is gone, great, thanks!<br><br></div><div>However, there are some more errors:<br>Oct 30 12:20:57 00[NET] installing IKE bypass policy failed<br>
Oct 30 12:20:57 00[NET] installing IKE bypass policy failed<br>Oct 30 12:20:57 00[NET] enabling UDP decapsulation for IPv6 on port 4500 failed<br>Oct 30 12:20:57 00[NET] installing IKE bypass policy failed<br>Oct 30 12:20:57 00[NET] installing IKE bypass policy failed<br>
Oct 30 12:20:57 00[NET] enabling UDP decapsulation for IPv4 on port 4500 failed<br></div><div>...<br>Oct 30 12:20:57 00[LIB] building CRED_CERTIFICATE - X509 failed, tried 3 builders<br>Oct 30 12:20:57 00[CFG] loading ca certificate from '/usr/local/etc/ipsec.d/cacerts/caHisaCert.pem' failed<br>
</div><div>(new log file: <a href="https://dl.dropboxusercontent.com/u/2261256/forums/ipsec/charon1.log">https://dl.dropboxusercontent.com/u/2261256/forums/ipsec/charon1.log</a>)<br><br></div><div>There is one thing that I forgot to mention:<br>
</div><div>When I run "ipsec start" command, I get following messages:<br>Starting strongSwan 5.1.0 IPsec [starter]...<br>modprobe: chdir(2.6.32.12): No such file or directory<br>modprobe: chdir(2.6.32.12): No such file or directory<br>
modprobe: chdir(2.6.32.12): No such file or directory<br>modprobe: chdir(2.6.32.12): No such file or directory<br>modprobe: chdir(2.6.32.12): No such file or directory<br><br></div><div>So kernel modules probably didn't load properly<br>
</div><div>I've tried to fix problem by adding following dir:<br>>mkdir /usr/lib/modules/<a href="http://2.6.32.12">2.6.32.12</a><br>and copy modules to that dir<br>>cp /usr/lib/modules/* /usr/lib/modules/<a href="http://2.6.32.12/">2.6.32.12/</a><br>
<br></div><div>Now I get this error:<br>./ipsec start<br>Starting strongSwan 5.1.0 IPsec [starter]...<br>modprobe: can't open 'modules.dep': No such file or directory<br>modprobe: can't open 'modules.dep': No such file or directory<br>
modprobe: can't open 'modules.dep': No such file or directory<br>modprobe: can't open 'modules.dep': No such file or directory<br><br></div><div>And I'm stuck again.<br>Do you have any idea what's going on here ? which module files are missing, so I can try to load them by hand (insmod command) ? <br>
<br>Thanks!<br></div><div><br></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Oct 30, 2013 at 11:39 AM, Martin Willi <span dir="ltr"><<a href="mailto:martin@strongswan.org" target="_blank">martin@strongswan.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im"><br>
> I've added charon.routing_table=0 to strongswan.conf<br>
<br>
</div><div class="im">> 00[KNL] unable to create IPv4 routing table rule<br>
<br>
</div>The option is not in effect; otherwise that error won't show up. Make<br>
sure you edit the strongswan.conf that charon reads, an you use the<br>
correct syntax (you can't write charon.routing_table as key, but have to<br>
define the routing_table key in the charon section). See [1] for<br>
details.<br>
<div class="HOEnZb"><div class="h5"><br>
Regards<br>
Martin<br>
<br>
[1]<a href="http://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf" target="_blank">http://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf</a><br>
<br>
<br>
</div></div></blockquote></div><br></div></div>