[strongSwan] Strongswan doesn't start connection, but no error message

Stefan Michael Guenther s.guenther at in-put.de
Wed Sep 21 16:27:05 CEST 2011


Hello,

I have installed the following packages on a OpenSuSE 11.4 system:

strongswan-ipsec-4.5.0-6.7.1.i586
strongswan-mysql-4.5.0-6.7.1.i586
strongswan-ikev2-4.5.0-6.7.1.i586
strongswan-nm-4.5.0-6.7.1.i586
strongswan-libs0-4.5.0-6.7.1.i586
strongswan-4.5.0-6.7.1.i586
strongswan-sqlite-4.5.0-6.7.1.i586
strongswan-ikev1-4.5.0-6.7.1.i586
strongswan-doc-4.5.0-6.7.1.i586

When I enter /etc/init.d/ipsec start, /var/log/messages contains the following lines:

Sep 21 16:15:10 gw pluto[32596]: added connection description "LD-B2"
Sep 21 16:15:10 gw pluto[32596]: | 192.168.13.0/24===91.45.xxx.xxx[gateway.b2.de]---217.0.xxx.xxx...217.7.xxx.xx[gateway.landau.de]===192.168.0.0/24
Sep 21 16:15:10 gw pluto[32596]: | ike_life: 10800s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; policy: PSK+ENCRYPT+TUNNEL+PFS
Sep 21 16:15:10 gw pluto[32596]: | next event EVENT_REINIT_SECRET in 3599 seconds

And that's it! Why does Pluto only add the connection but does not start it, although I have defined "auto=start" in ipsec.conf?

Here are the two configuration files:

/etc/ipsec.conf
config setup
        interfaces="%defaultroute"
        plutostart=yes
        plutodebug=all
        uniqueids=yes
        charonstart=no

conn Landau-Bruchsal2
        keyingtries=0
        type=tunnel
        pfs=yes
        authby=secret
        left=217.7.xxx.xx
        leftid=@gateway.landau.de
        leftsubnet=192.168.0.0/24
        right=%defaultroute
        rightid=@gateway.b2.de
        keyexchange=ikev2
        rightsubnet=192.168.13.0/24
        auto=start

/etc/strongswan.conf
charon {
}
pluto {
}
libstrongswan {
}

Thanks for any suggestions or hints,

Stefan




More information about the Users mailing list