[strongSwan] StrongSwan openssl plugin issue

anand rao anandrao_me at yahoo.co.in
Tue Apr 19 07:30:13 CEST 2011


Hi,


    I have configured StrongSwan with --enable-openssl and 
--enable-kernel-pfkey. 


My setup consists of two hosts connected back to back and tunnel configured for 
transport mode.

from one host I am running a script in a loop in which i am doing
ipsec up conn-host-host
sleep 2
ipsec down conn-host-host
sleep 2

For some time tunnel up/down happening successfully.
After few successful establishments of tunnel and deletions of tunnel,  the 
StrongSwan daemon stops responding and I have to restart the daemons.
This is happening for both Pluto and Charon.

Surprisingly If I use GMP or GCRYPT libraries this issue is not observed. So I 
am thinking that this is an issue with OpenSSL plugin only.

I have attached the ipsec.conf and ipsec.secrets files.
Please help. I need to use the OpenSSL for hardware acceleration.

Thanks
-Anand
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipsec.secrets
Type: application/octet-stream
Size: 114 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110419/319d9ef8/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipsec.conf
Type: application/octet-stream
Size: 446 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110419/319d9ef8/attachment-0001.obj>


More information about the Users mailing list