[strongSwan-dev] [IKE] loaded 0 RADIUS server configurations

Ccf Cloud ccfcloud at gmail.com
Thu Oct 3 12:13:40 CEST 2013 

Hi,

I'm trying to create a secure tunnel between my mobile device (Android) and
a gateway (Linux box). I need an EAP-SIM based authentication with the
radius server. For this I compiled the strongswan library with
--enable-eap-sim, --enable-eap-sim-file and --enable-eap-radius options on
both the Android device and the gateway machine. However when I try ipsec
start --nofork, the charon daemon starts with following error messages:

moon at moon-gw:~/Desktop/strongswan-5.1.0$ sudo ipsec start --nofork
Starting strongSwan 5.1.0 IPsec [starter]...
00[DMN] Starting IKE charon daemon (strongSwan 5.1.0, Linux
3.2.0-29-generic, x86_64)
00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
00[CFG]   loaded ca certificate "C=IN, O=someorg, CN=someorg CA" from
'/etc/ipsec.d/cacerts/caCert.der'
00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
00[CFG] loading crls from '/etc/ipsec.d/crls'
00[CFG]   loaded crl from '/etc/ipsec.d/crls/crl_moon.der'
00[CFG] loading secrets from '/etc/ipsec.secrets'
00[CFG]   loaded RSA private key from '/etc/ipsec.d/private/moonKey.der'
00[CFG] sql plugin: database URI not set
00[CFG] read 0 triplets from /etc/ipsec.d/triplets.dat
00[CFG] eap-simaka-sql database URI missing
*00[CFG] loaded 0 RADIUS server configurations*
00[LIB] loaded plugins: charon sqlite pkcs11 aes des rc2 sha1 sha2 md5
random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12
pgp dnskey sshkey pem openssl gcrypt fips-prf gmp xcbc cmac hmac attr
kernel-netlink resolve socket-default stroke updown eap-identity eap-sim
eap-sim-file eap-aka eap-aka-3gpp2 eap-md5 eap-mschapv2 eap-radius eap-tls
eap-ttls xauth-generic error-notify
00[LIB] unable to load 9 plugin features (7 due to unmet dependencies)
00[JOB] spawning 16 worker threads
charon (15730) started after 40 ms
05[CFG] received stroke: add connection 'rw-eap'
05[CFG]   loaded certificate "C=IN, O=someorg, CN=moon" from 'moonCert.der'
05[CFG] added configuration 'rw-eap'


Why am I getting this error? I referred the mailing list archives for this
but could not get any specific help. Also when my android device tries to
initiate IKE exchanges with the gateway, the gateway throws an error
saying: *loading EAP_RADIUS method failed.*

Can some one please help me on this?


Below is the content of my *strongswan.conf* file:
# strongswan.conf - strongSwan configuration file
charon {
# number of worker threads in charon
threads = 16

# send strongswan vendor ID?
# send_vendor_id = yes

load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac
xcbc stroke kernel-netlink socket-raw fips-prf eap-radius eap-sim
eap-sim-file updown

plugins {
sql {
# loglevel to log into sql database
loglevel = -1

# URI to the database
# database = sqlite:///path/to/file.db
# database = mysql://user:password@localhost/database
}
eap-radius {
class_group = yes
eap_start = yes
servers {
primary {
address = 10.10.10.2
secret = gv6URkSs
nas_identifier = moon-gw
sockets = 20
preference = 99
}
}
#secret = gv6URkSs
#server = 10.10.10.2
}
}

# ...
}


--Regards
   Sam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20131003/b1fb2eba/attachment.html>

More information about the Dev mailing list