[strongSwan] config which worked with 4.3.2 does not work with 4.4.0

Wolfgang Walter wolfgang.walter at stwm.de
Mon Aug 16 14:37:27 CEST 2010

Hi Martin,

Am Mittwoch, 7. Juli 2010 schrieb Martin Willi:
> Hi Wolfgang,
> > loaded plugins: [...] socket-default socket-raw socket-dynamic [...]
> Loading all the different socket implementations does not make a lot of
> sense, but it shouldn't harm. Only the first loaded is used. You may try
> to remove the others by specifying
>   load = curl ldap aes des sha1 sha2 md5 random x509 pubkey pkcs1 pgp
>            dnskey pem openssl fips-prf xcbc hmac agent gmp attr
>            kernel-netlink socket-default farp stroke updown eap-identity
>            eap-aka eap-md5 eap-gtc eap-mschapv2 dhcp resolve
>   (all on a single line)

I now found time to check that: it works partially:

I found that socket-default or socket-raw works, socket-dynamic does not work.

But socket-default seems to have some problems, though:

* The ipsec-connection breaks after some time.

* If you don't start both sides almost simultanously, no connection is 

With  socket-raw a connection is established and I may restart each side at 

> Do the packets show up in a packet sniffer on biene?

Yes, they did.

Wolfgang Walter
Studentenwerk München
Anstalt des öffentlichen Rechts

More information about the Users mailing list