[strongSwan] Error: We have no ipsecN interface

[Farid Farid]

Hello All,

I am new in this community and strongswan.
I would like to setup the simplest possible scenario for ipsec between two units.

I am using host-host example on strongswan website using PSK. One unit (left side )is running strongswan 5.0.1 (Embedded target on Openwrt attitude) and another end (right side)runs Strongswan 4-5.2.1.2 on Ubuntu. They are directly connected and there is no router or firewall in between.

I can start both ipsec daemons  on both sides. 

After running >> ipsec  up   lmuon  machine with 5.0.1 version it  keeps sending a request to another machine which I can 

capture it using tcpdum :      IP 192.168.1.55.500 > 192.168.1.209.500: isakmp: phase 1 I ident

But as soon as I run  on Ubuntu machine the command  >>ipsec  up  desktop  I get the following error:
022 "desktop": we have no ipsecN interface for either end of this connection



Below you can see  ipsec.conf form both side along with ipsec.secret which is the same for both sides. I appreciate if someone can help me with that.



here is the ipsec.conf for  5.0.1 on  Openwrt target machine:

# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
         strictcrlpolicy=no
        # uniqueids = no

conn %default
     keyexchange=ikev1
     authby=secret

# Add connections here.

# Sample VPN connections

conn lmu
      leftsubnet=192.168.1.0/24
      left=192.168.1.55
      leftid=@lmu.strongswan.com
      leftsendcert=never
      right=192.168.1.209
      rightid=@desktop.strongswan.com
      rightsubnet=192.68.1.0/24
      auto=add


here is ipsec.conf for 4-5.2.1.2:

# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
        # plutodebug=all
        # crlcheckinterval=600
        # strictcrlpolicy=yes
        # cachecrls=yes
        # nat_traversal=yes
        plutodebug=control
        charonstart=no
        #plutostart=no

conn    %default
        keyingtries=1
        keyexchange=ikev1
        authby=secret
# Add connections here.

# Sample VPN connections

conn  desktop
      left=192.18.1.209
      leftid=@desktop.strongswan.com
      leftsendcert=never
      right=192.168.1.55
      rightid=@lmu.strongswan.com
      auto=add



here is the ipsec.secret:

 This file holds shared secrets or RSA private keys for inter-Pluto
# authentication.  See ipsec_pluto(8) manpage, and HTML documentation.

# RSA private key for this host, authenticating it to any other host
# which knows the public part.  Suitable public keys, for ipsec.conf, DNS,
# or configuration of other implementations, can be extracted conveniently
# with "ipsec showhostkey".

# this file is managed with debconf and will contain the automatically created private key
#include /var/lib/strongswan/ipsec.secrets.inc

#192.168.1.209 192.168.1.55 : PSK "yourpasswordhere"
@desktop.strongswan.com  @lmu.strongswan.com   : PSK "yourpasswordhere"




Thanks,
Farid
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130723/8d9780b4/attachment.html>