[strongSwan] Android/Stongswan Integration

zhen chen zchen2711 at yahoo.com
Mon Nov 28 16:29:13 CET 2011

Hi Tobias, 

I finally get my tunnel to work. To me the key was to make sure the SAN of the server side cert has to be he host address of the vpn server, so the configuration can match. 

many thanks to you and others for the help. 


 From: Tobias Brunner <tobias at strongswan.org>
To: zhen chen <zchen2711 at yahoo.com> 
Cc: "users at lists.strongswan.org" <users at lists.strongswan.org> 
Sent: Tuesday, November 22, 2011 8:07 AM
Subject: Re: [strongSwan] Android/Stongswan Integration
> 1. Doesn't seem that Charon loads the the  ipsec.conf file.

What makes you say so?  Do you get any errors?  Where did you put the
file?  Can you verify that it's there when you log into the emulator
with 'adb shell'?  And is that path equal to what you configured in the
top Android.mk file as strongswan_CONFDIR?

> 2. If I use ipsec up to force the starter to bring up the conn, ipsec up
> gave some error like " unnamed error ] ] ]". 

The ipsec script is not really working on Android as there is no 'test'
or '[' command, of which the script makes use extensively.  Simply use
starter and stroke directly.  Use 'starter' to start starter and charon
and use 'stroke up' to start a connection (to terminate them just kill
starter).  Have a look at how the script uses starter and stroke to
implement individual commands.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20111128/fd72e72e/attachment.html>

More information about the Users mailing list