[strongSwan] Using Strongswan as an IKEv2 daemon
Andreas Steffen
andreas.steffen at strongswan.org
Wed Mar 21 09:45:36 CET 2012
Hello Deepika,
please have a look at our Mobile IPv6 scenario
http://wiki.strongswan.org/projects/strongswan/wiki/MobileNodeSetup
where the MIPv6 daemon installs the policy. With the ipsec.conf
option
installpolicy=no
you can prevent the charon daemon from installing and deleting
IPsec policies. You can then use the
reqid=<number>
option to match acquire messages from the kernel to connection
definitions so that the IPsec SA is going to be set up by the
daemon.
Regards
Andreas
On 03/21/2012 08:00 AM, Deepika Agarwal wrote:
> Hello All,
>
> I'm trying to use Strongswan as a IKEv2 daemon (i.e charon) and add
> the policies via setkey at runtime. Is that allowed with Strongswan?
> As per my test results, though I'm able to flush the policies added by
> Strongswan using setkey, but strongswan doesn't takes into account the
> policies added by setkey.
> Is there any way to add the policies at runtime for Strongswan?
>
> Thanks
> Deepika
>
--
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list