[strongSwan] [Strongswan][Error] Loaded 0 Radius server configurations

Ccf Cloud ccfcloud at gmail.com
Fri Oct 4 12:14:10 CEST 2013

Hi Martin,

Thanks for the reply. Few followup questions:

On Fri, Oct 4, 2013 at 1:20 PM, Martin Willi <martin at strongswan.org> wrote:

> Hi Sam,
> > I need an EAP-SIM based authentication with the radius server. For this
> > I compiled the strongswan library with --enable-eap-sim,
> > --enable-eap-sim-file and --enable-eap-radius options on both the
> > Android device and the gateway machine.
> If you delegate EAP-SIM authentication to RADIUS, you won't need the
> eap-sim plugins on the server. Further, a client never needs the
> eap-radius plugin; it does not directly speak RADIUS.
> > 00[CFG] loaded 0 RADIUS server configurations
> Seems that the plugin can't find your RADIUS configuration in
> strongswan.conf.

What could be the reason for this?

> > load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation
> hmac
> > xcbc stroke kernel-netlink socket-raw fips-prf eap-radius eap-sim
> > eap-sim-file updown
> You should not explicitly define a load statement. ./configure your
> installation with what you need, and let the daemon handle plugin order
> and the plugin list.
I got that. However even with that I'm getting the same error message.

> > Below is the content of my *strongswan.conf* file:
> At a first look your gateway strongswan.conf is fine. Please double
> check that you are editing the same file as the daemon reads (your
> --sysconfdir= matches your strongswan.conf path), and access rights are
> ok. Given that your explicit load statement does not throw a warning,
> I'd guess that the daemon does not read from the correct file.

For my setup all the configurations are read from /usr/local/etc/*.conf. If
it is not reading from here then is there a way to check which path it has
picked up?

> Regards
> Martin
I compiled strongswan with following configuration options:

./configure --enable-sql --enable-sqlite --enable-eap-sim
--enable-eap-sim-file --enable-eap-aka --enable-eap-aka-3gpp2
--enable-eap-simaka-sql --enable-eap-radius --enable-eap-ttls
--enable-eap-tls --enable-eap-md5 --enable-eap-identity
--enable-eap-mschapv2 --enable-socket-dynamic --enable-integrity-test
--enable-gcrypt --enable-openssl --enable-pkcs11 --enable-libipsec

Is there some thing I'm missing here?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20131004/a3e56a7d/attachment.html>

More information about the Users mailing list