[strongSwan] newbie qs. suite B with AES-GCM

Philip Anil-QBW348 anil.philip at motorolasolutions.com
Thu Jan 5 01:43:52 CET 2012 

Andreas,
I am trying to go thru the commands in console.log
Am getting an error on carol.
Anil

-------------moon--------------------
~$ sudo ipsec start
Starting strongSwan 4.5.2 IPsec [starter]...
!! Your strongswan.conf contains manual plugin load options for
!! pluto and/or charon. This is recommended for experts only, see
!! http://wiki.strongswan.org/projects/strongswan/wiki/PluginLoad
insmod /lib/modules/3.0.0-14-generic-pae/kernel/net/ipv4/ah4.ko 
insmod /lib/modules/3.0.0-14-generic-pae/kernel/net/ipv4/esp4.ko 
insmod /lib/modules/3.0.0-14-generic-pae/kernel/net/xfrm/xfrm_ipcomp.ko 
insmod /lib/modules/3.0.0-14-generic-pae/kernel/net/ipv4/ipcomp.ko 
insmod /lib/modules/3.0.0-14-generic-pae/kernel/net/ipv4/tunnel4.ko 
insmod /lib/modules/3.0.0-14-generic-pae/kernel/net/ipv4/xfrm4_tunnel.ko 
insmod /lib/modules/3.0.0-14-generic-pae/kernel/net/xfrm/xfrm_user.ko 
~$ sudo ipsec statusall
Status of IKEv2 charon daemon (strongSwan 4.5.2):
  uptime: 7 minutes, since Jan 04 12:33:26 2012
  malloc: sbrk 135168, mmap 0, used 75808, free 59360
  worker threads: 10 idle of 16, job queue load: 0, scheduled events: 0
  loaded plugins: curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc gcm stroke kernel-netlink updown 
Listening IP addresses:
  192.168.1.100
Connections:
          rw:  192.168.1.100...%any
          rw:   local:  [moon.strongswan.org] uses public key authentication
          rw:   remote: [%any] uses any authentication
          rw:    crl:   status must be GOOD
          rw:   child:  10.1.0.0/16 === dynamic 
Security Associations:
  none
~$ 

----------roadwarrior carol--------------
~$ sudo ipsec start
Starting strongSwan 4.5.2 IPsec [starter]...
!! Your strongswan.conf contains manual plugin load options for
!! pluto and/or charon. This is recommended for experts only, see
!! http://wiki.strongswan.org/projects/strongswan/wiki/PluginLoad
charon is already running (/var/run/charon.pid exists) -- skipping charon start
starter is already running (/var/run/starter.pid exists) -- no fork done
~$ sleep 1 
~$ sudo ipsec up home
initiating IKE_SA home[1] to 192.168.1.100
configured DH group MODP_NONE not supported
tried to check-in and delete nonexisting IKE_SA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120104/b0ffc278/attachment.html>

More information about the Users mailing list