[strongSwan] Using Strongswan as an IKEv2 daemon

Andreas Steffen andreas.steffen at strongswan.org
Wed Mar 21 09:45:36 CET 2012

Hello Deepika,

please have a look at our Mobile IPv6 scenario


where the MIPv6 daemon installs the policy. With the ipsec.conf


you can prevent the charon daemon from installing and deleting
IPsec policies. You can then use the


option to match acquire messages from the kernel to connection
definitions so that the IPsec SA is going to be set up by the



On 03/21/2012 08:00 AM, Deepika Agarwal wrote:
> Hello All,
> I'm trying to use Strongswan as a  IKEv2 daemon (i.e charon) and add
> the policies via setkey at runtime. Is that allowed with Strongswan?
> As per my test results, though I'm able to flush the policies added by
> Strongswan using setkey, but strongswan doesn't takes into account the
> policies added by setkey.
> Is there any way to add the policies at runtime for Strongswan?
> Thanks
> Deepika

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list