<div dir="ltr">Hello Andreas,<div><br></div><div>I have installed strongswan, how can change the sysconfdir, should I uninstall it first? I don't know how to uninstall strongswan?</div><div><br></div><div>Thanks for your help</div>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">2014-08-19 12:36 GMT+08:00 Andreas Steffen <span dir="ltr"><<a href="mailto:andreas.steffen@strongswan.org" target="_blank">andreas.steffen@strongswan.org</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello Amysue,<br>
<br>
you have to build strongSwan with<br>
<br>
./configure --sysconfdir=/etc<br>
<br>
Regards<br>
<br>
Andreas<br>
<div class=""><br>
On 08/19/2014 05:18 AM, <a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a> wrote:<br>
> Hi Noel,<br>
><br>
> I have checked the strongswan logs at /var/log/messages, and I found<br>
> that it load the conf directory /usr/loca/etc, while I put all my conf<br>
> files at /etc, which I think cause my problem.<br>
> Is there any way that I can change the conf directory to /etc.<br>
><br>
> Thanks,<br>
><br>
><br>
> 2014-08-18 21:16 GMT+08:00 Noel Kuntze <<a href="mailto:noel@familie-kuntze.de">noel@familie-kuntze.de</a><br>
</div>> <mailto:<a href="mailto:noel@familie-kuntze.de">noel@familie-kuntze.de</a>>>:<br>
<div class="">><br>
> Hello Amysue<br>
><br>
> Please refer to [2] for a how-to for installing strongSwan.<br>
> Please note that some modules that could be necessary for your setup<br>
> need to be compiled by giving the corresponding parameters to<br>
> ./configure.<br>
><br>
> Regards,<br>
> Noel Kuntze<br>
><br>
> GPG Key id: 0x63EC6658<br>
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658<br>
><br>
> Am 18.08.2014 um 15:12 schrieb <a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a><br>
</div>> <mailto:<a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a>>:<br>
<div class="">>> I also want to know are there any special configurations to<br>
> install strongswan for ikev2 mobike?<br>
><br>
>> For install strongswan to my pc, I just<br>
>> /./configure/<br>
>> /make/<br>
>> /make install/<br>
>> /<br>
>> /<br>
>> Thanks,<br>
><br>
><br>
>> 2014-08-18 21:08 GMT+08:00 <<a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a><br>
</div>> <mailto:<a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a>> <mailto:<a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a><br>
<div class="">> <mailto:<a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a>>>>:<br>
><br>
>> Hi Noel,<br>
>> The output of "ipsec statusall" is<br>
>> /Status of IKE charon daemon (strongSwan 5.0.2, Linux<br>
> 2.6.18-348.1.1.el5, i686):/<br>
>> / uptime: 14 minutes, since Aug 18 18:21:46 2014/<br>
>> / malloc: sbrk 135168, mmap 0, used 86616, free 48552/<br>
>> / worker threads: 8 of 16 idle, 7/1/0/0 working, job queue:<br>
> 0/0/0/0, scheduled: 0/<br>
>> / loaded plugins: charon aes des sha1 sha2 md5 random nonce<br>
> x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey pem<br>
> fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve<br>
> socket-default stroke updown eap-md5 eap-radius xauth-generic/<br>
>> /Listening IP addresses:/<br>
</div>>> / <a href="http://192.168.2.6/" target="_blank">192.168.2.6/</a> <<a href="http://192.168.2.6/" target="_blank">http://192.168.2.6/</a>><br>
>> / <a href="http://12.12.1.203/" target="_blank">12.12.1.203/</a> <<a href="http://12.12.1.203/" target="_blank">http://12.12.1.203/</a>><br>
<div class="">>> /Connections:/<br>
>> /Security Associations (0 up, 0 connecting):/<br>
>> / none/<br>
><br>
>> AndŁ¬ how do I enable logging[1] ? I don't use strongswan<br>
> much, So it feel difficult for me.<br>
>> Thank you again for your help<br>
><br>
><br>
><br>
>> 2014-08-18 21:02 GMT+08:00 Noel Kuntze <<a href="mailto:noel@familie-kuntze.de">noel@familie-kuntze.de</a><br>
</div>> <mailto:<a href="mailto:noel@familie-kuntze.de">noel@familie-kuntze.de</a>> <mailto:<a href="mailto:noel@familie-kuntze.de">noel@familie-kuntze.de</a><br>
<div class="">> <mailto:<a href="mailto:noel@familie-kuntze.de">noel@familie-kuntze.de</a>>>>:<br>
><br>
>> Hello,<br>
><br>
>> Check your system log for errors and show us the output of "ipsec<br>
> statusall".<br>
>> Sometimes, it takes a couple of seconds for the daemon to load the<br>
> configuration. Waiting a bit can help in this case.<br>
>> The reason for this is, that all the ipsec commands are asynchronous.<br>
>> If the configuration isn't loaded for a couple of seconds, please<br>
> enable logging[1].<br>
>> StrongSwan can handle Mobike. It's a daemon thing, not a kernel thing.<br>
><br>
>> [1]<br>
> <a href="https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration" target="_blank">https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration</a><br>
><br>
>> Regards,<br>
>> Noel Kuntze<br>
><br>
>> GPG Key id: 0x63EC6658<br>
>> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658<br>
><br>
>> Am 18.08.2014 um 14:56 schrieb <a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a><br>
</div>> <mailto:<a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a>> <mailto:<a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a><br>
<div><div class="h5">> <mailto:<a href="mailto:amysue.z@gmail.com">amysue.z@gmail.com</a>>>:<br>
>>> Hello,<br>
><br>
>>> My OS is centos 5.9 and i have installed Linux strongSwan<br>
> U5.0.2/K2.6.18-348.1.1.el5.<br>
>>> After installation,i start strongswan:<br>
>>> ipsec start<br>
>>> then i up an connection:<br>
>>> ipsec up client<br>
>>> then I get an error:*no config named 'client'*<br>
>>> Actually, I define an connection in /etc/ipsec.conf.<br>
><br>
>>> Below is my /etc/ipsec.conf<br>
><br>
>>> /config setup/<br>
>>> / strictcrlpolicy=no/<br>
>>> / charonstart=yes/<br>
>>> /<br>
>>> /<br>
>>> /conn %default/<br>
>>> / ikelifetime=28800s/<br>
>>> / keylife=28800s/<br>
>>> / rekeymargin=3m/<br>
>>> / keyingtries=3/<br>
>>> / keyexchange=ikev2/<br>
>>> / ike=3des-sha1-modp1024/<br>
>>> / esp=3des-sha1/<br>
>>> /<br>
>>> /<br>
>>> /conn client/<br>
</div></div>>>> / left=<a href="http://12.12.1.203/" target="_blank">12.12.1.203/</a> <<a href="http://12.12.1.203/" target="_blank">http://12.12.1.203/</a>> <<a href="http://12.12.1.203/" target="_blank">http://12.12.1.203/</a>><br>
<div class="">>>> / leftsourceip=%config/<br>
>>> / leftcert=client1_cert.pem/<br>
>>> / leftid="/C=CN/ST=SH/O=CS/CN=IKEv2_Client1"/<br>
>>> / right=<a href="http://11.11.11.200/" target="_blank">11.11.11.200/</a> <<a href="http://11.11.11.200/" target="_blank">http://11.11.11.200/</a>><br>
> <<a href="http://11.11.11.200/" target="_blank">http://11.11.11.200/</a>><br>
>>> / rightid="/C=CN/ST=SH/O=CS/CN=11.11.11.200"/<br>
>>> / rightsubnet=<a href="http://192.168.168.0/24" target="_blank">192.168.168.0/24</a> <<a href="http://192.168.168.0/24" target="_blank">http://192.168.168.0/24</a>><br>
> <<a href="http://192.168.168.0/24" target="_blank">http://192.168.168.0/24</a>> <<a href="http://192.168.168.0/24" target="_blank">http://192.168.168.0/24</a>>/<br>
>>> / auto=add/<br>
>>> /<br>
>>> /<br>
>>> I have no idea what to do now, I really need your help, any one<br>
> could help me?<br>
>>> Thank you very much<br>
><br>
<br>
</div>======================================================================<br>
Andreas Steffen <a href="mailto:andreas.steffen@strongswan.org">andreas.steffen@strongswan.org</a><br>
strongSwan - the Open Source VPN Solution! <a href="http://www.strongswan.org" target="_blank">www.strongswan.org</a><br>
Institute for Internet Technologies and Applications<br>
University of Applied Sciences Rapperswil<br>
CH-8640 Rapperswil (Switzerland)<br>
===========================================================[ITA-HSR]==<br>
<br>
</blockquote></div><br></div>