[strongSwan] ipsec_starter strikes charon for pluto's misdeeds

Gerd v. Egidy lists at egidy.de
Fri Sep 3 15:28:48 CEST 2010


> Well, yes and no. In openSUSE 11.3, strongswan is split into
> strongswan-ikev1, strongswan-ikev2, strongswan-ipsec (holds
> ipsec.conf) and strongswan (dummy package holding a requires for -ikev1,
> -ikev2, -ipsec).

Splitting strongswan like this is what I would consider as good practice for 
any distribution.

> ipsec.conf has been tuned to read
>  include /etc/ipsec.*.conf

Is that the default for the SUSE packages? I think it would be better to use 
something like

include /etc/ipsec.d/*.conf
> And
> placing plutostart=no anywhere may not work well with
> othervpn.noarch.rpm. :)

Sorry, I don't understand that part. What is othervpn.noarch.rpm for?

Kind regards,


Address (better: trap) for people I really don't want to get mail from:
jonas at cactusamerica.com

More information about the Users mailing list