[strongSwan] Problem using Strong Swan on high-end Freescale Board (p4080)
Martin Willi
martin at strongswan.org
Mon Jul 4 18:17:57 CEST 2011
Hi,
> when I initiate the net-net connection from SUN virtual machine, the
> board receives isakmp but afterwards replies to SUN telling that udp
> port 500 is unreachable, like nobody listens on that port.
> load = aes des sha1 sha2 md5 pem pkcs1 gmp random hmac xcbc stroke
> kernel-netlink socket-rawupdown
I don't recommend to specify any load statement, handling dependencies
is just too complicated. Set the options you need during ./configure,
the build system sets then a sane default load statement.
If you're just running charon, add --disable-pluto to ./configure.
Charon will be built with the default socket. The raw socket usually
woks fine, but I can't guarantee that it works with every networking
driver.
> 00:27:32.898850 IP gateway0.500 > 192.168.0.1.500: [|isakmp]
> 00:27:32.898890 IP 192.168.0.1 > gateway0: icmp 556: 192.168.0.1 udp
> port 500 unreachable
At least the board actually receives the message, but doesn't forward it
to the daemon. Any log messages on moon? I'd try it with the default
socket, maybe it helps.
Regards
Martin
More information about the Users
mailing list