[strongSwan] charon: [15]CFG trap not found, unable to acquire reqid 0
Vilhelm Jutvik
ville at sics.se
Mon Mar 12 22:25:46 CET 2012
Hello,
I am writing as I can't get my Strongswan configuration to work. I am
using it to test an IKEv2 implementation of mine built for the IoT OS
(Internet of Things) Contiki.
I've just set up Strongswan 4.5.2 from Ubuntu's packages. I've set my
SPD to require protection for some services and my SAD is clean. When
I use a user-level app to send some data to trigger the IKE_SA
negotiation, nothing is sent. According to syslog, charon creates an
acquire job for the SPD policy in question and then it stops with the
line: "charon: [15]CFG trap not found, unable to acquire reqid 0"
I've googled the error, to no avail. I found the error rather odd as
my setup should be very common, with the exception that I'm using an
elliptic curve group and IPv6.
I would be very thankful for any help with this as I find myself stuck.
Best regards,
Vilhelm Jutvik
This is my strongswan.conf:
=====================================
# /etc/strongswan.conf - strongSwan configuration file
# charon {
# load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
# }
This is my ipsec.conf:
=====================================
config setup
crlcheckinterval=180
strictcrlpolicy=no
plutostart=no
charondebug="asn 4, knl 4,mgr 4,ike 4,chd 4,net 4,enc 4"
conn %default
auth=esp
authby=psk
esp=aes128ctr-aesxcbc!
ikelifetime=60m
keylife=20m
keyingtries=1
rekeymargin=3m
keyexchange=ikev2
ike=aes128ctr-aesxcbc-ecp192!
type=transport
Here's from ip xfrm policy:
=====================================
src aaaa::/64 dst aaaa::1/128 proto udp
dir fwd priority 2147483648
tmpl src :: dst ::
proto esp reqid 0 mode transport
src aaaa::/64 dst aaaa::1/128 proto udp
dir in priority 2147483648
tmpl src :: dst ::
proto esp reqid 0 mode transport
src aaaa::1/128 dst aaaa::/64 proto udp
dir out priority 2147483648
tmpl src :: dst ::
proto esp reqid 0 mode transport
src ::/0 dst ::/0
socket in priority 0
src ::/0 dst ::/0
socket out priority 0
src ::/0 dst ::/0
socket in priority 0
src ::/0 dst ::/0
socket out priority 0
src ::/0 dst ::/0
socket in priority 0
src ::/0 dst ::/0
socket out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket out priority 0
More information about the Users
mailing list