[strongSwan] problems with charon in 4.4.1

Andreas Schuldei schuldei+strongswan at spotify.com
Tue May 24 08:48:23 CEST 2011

On Mon, May 23, 2011 at 11:44 PM, Andreas Steffen
<andreas.steffen at strongswan.org> wrote:
> Hello Andreas,
> debugging these many connections might be easier using the
> condensed /var/log/auth.log which has the following entries:
> http://www.strongswan.org/uml/testresults45/ikev2/dpd-restart/carol.auth.log

the auth.log was still huge on taylor.

i attempted to start from a clean slate today and did this on all
machines in the test bed:

	/etc/init.d/ipsec stop
	rm -f /var/run/charon.pid /var/run/starter.pid /var/run/charon.ctl
	/etc/init.d/ipsec stop
       logrotate -f /etc/logrotate.conf
	ip xfrm policy flush
	/etc/network/if-up.d/ssh-outside-ipsec  # this adds xfrm policy for
port 500UDP and ssh traffic to NOT go through ipsec
	/etc/init.d/ipsec start

and again taylor got immediate problems with the three hosts, just
like yesterday. We dont have additional firewall rules that limit
traffic between these hosts. Other hosts in the ash.spotify.net domain
dont have problems either.
Can something else get confused?
is there more state somewhere?

More information about the Users mailing list