[strongSwan-dev] A hand regarding (kernel-)libipsec and Windows

Noel Kuntze noel.kuntze+strongswan-dev-ml at thermi.consulting
Fri Aug 11 23:50:20 CEST 2017


Yes, I finished it all and made it work.
Code is on my Github[1] in the strongswan and tap-windows6 repos.

Kind regards


[1] https://github.com/Thermi

On 11.08.2017 23:25, Kevin Lussier wrote:
> Hi Noel.
> I was about to venture down this same path myself. You posted your message about a year ago. Were you able to make any further progress?
> Thanks,
> Kevin Lussier
>> Hello, I'm looking for some help regarding getting (kernel-)libipsec to work on Windows. I've already written the necessary code to interface with the TAP-Windows driver from OpenVPN and I already added code to handle the setting of the gateway field in the routes and functions to perform IO operations on the TUN handles, however, I have some problems getting it to work. The basic problem is, that despite charon receiving an ESPINUDP packet, the traffic counter does not increase and I don't get the data on the TAP device (in TUN mode) and vice versa (receiving packets on the handle of the TAP device does not work either yet). The current state of affairs is, that the negotiation of a CHILD_SA works fine, as does the installation of a route and the virtual IP. Short list of what was done: *add ifdefs and code in libstrongswan to find, open and configure TAP devices on Windows with the TAP-Windows driver *add short code for setting the GW of the routes over the TAP device on
>> Windows *merge code from the win-vip branch *add some code to honor charon.install_virtual_ip_on *code to perform IO operations on the handles *create/copy header files for (missing) constants My code can be found on Github (https://github.com/Thermi/strongswan) in the windows-libipsec branch. If you like to help, you probably want to look at the diff from commit 1dabd0fb1cfdb5b3381d45a39a7cb134651b72a9 to HEAD. I'd greatly appreciate a helping hand that sheds some light on what I'm doing wrong or what's still missing. -- Mit freundlichen Grüßen/Kind Regards, Noel Kuntze

Noel Kuntze
IT security consultant

GPG Key ID: 0x0739AD6C
Fingerprint: 3524 93BE B5F7 8E63 1372 AF2D F54E E40B 0739 AD6C

More information about the Dev mailing list