[strongSwan] strongswan.conf for eap-radius

Claude Tompers claude.tompers at restena.lu
Fri Apr 9 14:29:58 CEST 2010 

Hi, 

I've found the error. Our shared secret contains a "}" which is of correct form for radius.
The strongswan conf parser though thinks that this a syntactical "}".
I think this is something that should be fixed in upcoming releases ?

kind regards
Claude Tompers

On Friday 09 April 2010 10:51:25 Andreas Steffen wrote:
> It seems that either strongswan.conf is not found or that
> strongswan.conf is not readable by the charon daemon.
> 
> How did you configure strongSwan?
> 
>   ./configure --prefix=/usr --sysconfdir=/etc --enable-eap-radius
> 
> will look for /etc/strongswan.conf whereas
> 
>   ./configure --enable-eap-radius
> 
> will look for /usr/local/etc/strongswan.conf
> 
> If you configured strongSwan with the option
> 
>   ./configure --with-group=vpn
> 
> then
> 
>   chown root:vpn /etc/strongswan.conf
> 
> is needed in order for charon to be able to read strongswan.conf
> 
> Regards
> 
> Andreas
> 
> Claude Tompers wrote:
> > Hi,
> > 
> > Based on that howto, I first configured strongswan.
> > I always get the same results.
> > 
> > Log :
> > Apr  9 10:40:26 vpn6-test charon: 00[CFG] no RADUIS secret defined
> > Apr  9 10:40:26 vpn6-test charon: 00[CFG] RADIUS plugin initialization failed
> > Apr  9 10:40:26 vpn6-test charon: 00[LIB] plugin 'eap-radius': failed to load - plugin_create() returned NULL
> > 
> > strongswan.conf :
> > 
> > charon {
> >   dns1 = ......
> >   dns2 = ......
> >   load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-radius updown
> >   plugins {
> >     eap-radius {
> >       secret = ......
> >       server = ......
> >     }
> >   }
> > }
> > 
> > regards
> > Claude
> 
> ======================================================================
> Andreas Steffen                         andreas.steffen at strongswan.org
> strongSwan - the Linux VPN Solution!                www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
> ===========================================================[ITA-HSR]==
> 

-- 
Claude Tompers
Ingénieur réseau et système
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.strongswan.org/pipermail/users/attachments/20100409/095eca85/attachment.pgp>

More information about the Users mailing list