[strongSwan] Upgrade issue

Tobias Brunner tobias at strongswan.org
Tue Mar 27 09:36:27 CEST 2012


Hi Peter,

> I'm attaching the full control+controlmore logs from both versions in
> case anyone's interested (IP redacted). A diff shows them effectively
> identical until after the "full match" lines.

Actually, I think that the problem is caused by an earlier difference in
the logs:

4.4.0:
> loading secrets from "/etc/ipsec.secrets"
>   loaded private key from 'server.key'
>   ...
>   loaded shared key for %any 204.236.190.251

4.5.2:
> loading secrets from "/etc/ipsec.secrets"
>   loaded PSK secret for 184.169.244.187 %any

That is, 4.5.2 doesn't load the private key.  This is then later the
cause for pluto to skip the connection even if it is a full match, it's
simply not able to authenticate itself.

How does your ipsec.secrets file look like?  Is there a difference
between the two?  Check the man page or our wiki [1] to make sure the
syntax is valid.

Regards,
Tobias

[1] http://wiki.strongswan.org/projects/strongswan/wiki/IpsecSecrets





More information about the Users mailing list