[strongSwan] StrongSwan Setup Questions
carnold at electrichendrix.com
Sat Mar 31 03:58:42 CEST 2012
>> -Where is the authlog located?
>iirc, strongswan logs to syslog by default. Have a look at
>if you want to customize logging.
OK, i have configured strongSwan on both servers. Created the certs on both servers and open 500 and 4500 on both firewalls. I try to ping the remote network and get 0 replies. I am a little confused on where the log entries go in strongswan.conf. Here is said file:
# strongswan.conf - strongSwan configuration file
# number of worker threads in charon
threads = 16
# plugins to load in charon
# load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
# loglevel to log into sql database
loglevel = -1
# URI to the database
# database = sqlite:///path/to/file.db
# database = mysql://user:password@localhost/database
# plugins to load in pluto
# load = aes des sha1 md5 sha2 hmac gmp random pubkey
# set to no, the DH exponent size is optimized
# dh_exponent_ansi_x9_42 = no
# Two defined file loggers. Each subsection is either a file
# in the filesystem or one of: stdout, stderr.
# add a timestamp prefix
time_format = %b %e %T
# loggers to files also accept the append option to open files in
# append mode at startup (default is yes)
append = no
# the default loglevel for all daemon subsystems (defaults to 1).
default = 1
# flush each line to disk
flush_line = yes
# more detailed loglevel for a specific subsystem, overriding the
# default loglevel.
ike = 2
knl = 3
# prepend connection name, simplifies grepping
ike_name = yes
# And two loggers using syslog. The subsections define the facility to log
# to, currently one of: daemon, auth.
# default level to the LOG_DAEMON facility
# very minimalistic IKE auditing logs to LOG_AUTHPRIV
default = -1
ike = 0
Is this right for the log file? I also restarted ipsec and looked in /var/log to see if i see the charon file and do not.
More information about the Users