[strongSwan] [Strongswan] no config named 'client'
amysue.z at gmail.com
amysue.z at gmail.com
Tue Aug 19 05:18:26 CEST 2014
Hi Noel,
I have checked the strongswan logs at /var/log/messages, and I found that
it load the conf directory /usr/loca/etc, while I put all my conf files at
/etc, which I think cause my problem.
Is there any way that I can change the conf directory to /etc.
Thanks,
2014-08-18 21:16 GMT+08:00 Noel Kuntze <noel at familie-kuntze.de>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello Amysue
>
> Please refer to [2] for a how-to for installing strongSwan.
> Please note that some modules that could be necessary for your setup
> need to be compiled by giving the corresponding parameters to ./configure.
>
> Regards,
> Noel Kuntze
>
> GPG Key id: 0x63EC6658
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
> Am 18.08.2014 um 15:12 schrieb amysue.z at gmail.com:
> > I also want to know are there any special configurations to install
> strongswan for ikev2 mobike?
> >
> > For install strongswan to my pc, I just
> > /./configure/
> > /make/
> > /make install/
> > /
> > /
> > Thanks,
> >
> >
> > 2014-08-18 21:08 GMT+08:00 <amysue.z at gmail.com <mailto:
> amysue.z at gmail.com>>:
> >
> > Hi Noel,
> > The output of "ipsec statusall" is
> > /Status of IKE charon daemon (strongSwan 5.0.2, Linux
> 2.6.18-348.1.1.el5, i686):/
> > / uptime: 14 minutes, since Aug 18 18:21:46 2014/
> > / malloc: sbrk 135168, mmap 0, used 86616, free 48552/
> > / worker threads: 8 of 16 idle, 7/1/0/0 working, job queue:
> 0/0/0/0, scheduled: 0/
> > / loaded plugins: charon aes des sha1 sha2 md5 random nonce x509
> revocation constraints pubkey pkcs1 pkcs8 pgp dnskey pem fips-prf gmp xcbc
> cmac hmac attr kernel-netlink resolve socket-default stroke updown eap-md5
> eap-radius xauth-generic/
> > /Listening IP addresses:/
> > / 192.168.2.6/
> > / 12.12.1.203/
> > /Connections:/
> > /Security Associations (0 up, 0 connecting):/
> > / none/
> >
> > And, how do I enable logging[1] ? I don't use strongswan much, So
> it feel difficult for me.
> > Thank you again for your help
> >
> >
> >
> > 2014-08-18 21:02 GMT+08:00 Noel Kuntze <noel at familie-kuntze.de
> <mailto:noel at familie-kuntze.de>>:
> >
> > Hello,
> >
> > Check your system log for errors and show us the output of "ipsec
> statusall".
> > Sometimes, it takes a couple of seconds for the daemon to load the
> configuration. Waiting a bit can help in this case.
> > The reason for this is, that all the ipsec commands are asynchronous.
> > If the configuration isn't loaded for a couple of seconds, please enable
> logging[1].
> > StrongSwan can handle Mobike. It's a daemon thing, not a kernel thing.
> >
> > [1]
> https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration
> >
> > Regards,
> > Noel Kuntze
> >
> > GPG Key id: 0x63EC6658
> > Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
> >
> > Am 18.08.2014 um 14:56 schrieb amysue.z at gmail.com <mailto:
> amysue.z at gmail.com>:
> >> Hello,
> >
> >> My OS is centos 5.9 and i have installed Linux strongSwan
> U5.0.2/K2.6.18-348.1.1.el5.
> >> After installation,i start strongswan:
> >> ipsec start
> >> then i up an connection:
> >> ipsec up client
> >> then I get an error:*no config named 'client'*
> >> Actually, I define an connection in /etc/ipsec.conf.
> >
> >> Below is my /etc/ipsec.conf
> >
> >> /config setup/
> >> / strictcrlpolicy=no/
> >> / charonstart=yes/
> >> /
> >> /
> >> /conn %default/
> >> / ikelifetime=28800s/
> >> / keylife=28800s/
> >> / rekeymargin=3m/
> >> / keyingtries=3/
> >> / keyexchange=ikev2/
> >> / ike=3des-sha1-modp1024/
> >> / esp=3des-sha1/
> >> /
> >> /
> >> /conn client/
> >> / left=12.12.1.203/ <http://12.12.1.203/>
> >> / leftsourceip=%config/
> >> / leftcert=client1_cert.pem/
> >> / leftid="/C=CN/ST=SH/O=CS/CN=IKEv2_Client1"/
> >> / right=11.11.11.200/ <http://11.11.11.200/>
> >> / rightid="/C=CN/ST=SH/O=CS/CN=11.11.11.200"/
> >> / rightsubnet=192.168.168.0/24 <http://192.168.168.0/24> <
> http://192.168.168.0/24>/
> >> / auto=add/
> >> /
> >> /
> >> I have no idea what to do now, I really need your help, any one could
> help me?
> >> Thank you very much
> >
> >
> >
> >> _______________________________________________
> >> Users mailing list
> >> Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
> >> https://lists.strongswan.org/mailman/listinfo/users
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
> > https://lists.strongswan.org/mailman/listinfo/users
> >
> >
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
>
> iQIcBAEBAgAGBQJT8fycAAoJEDg5KY9j7GZYpTcP/iukAF34z42AVNwxbTo3Ow8t
> +aNESIoYH+8VLpQM2ZKLt3GNd9Ni4TqQkn3pz2+R21jx+2x1vSqhtfUa8UjxsXsl
> UNfmOzAjw9eNFiR8XvtmD/oMJecitea++l0zQKKwoUEWujvrk+ADf48/ixMEVkxN
> h99mC5qkvo878regENvBwn6nRgnT13n2wlIDE/WHyLCCcQWol3DJifYU/acUYWIj
> ixn+LLeIOz6xJdCWMj914KeRo/P+cmhoUx/su4+DRtIE3oIO0scYVsjkewIBBBy/
> l8TZ3+jn+CeQ/OvmiJHVhoMhUTN2cjUw/CKOQsiD1Mzke3S/ZgE0VghKQEKYFJnF
> r09O2D7ML0gf8p5F0psXYf7Z3Md8Hyma9X8CJleZ+UZbciVPshW2eniDUGOTX9F1
> dalsDT9IuIAeeTYFqXG1Hpu70adbBdOtMStNiFms4qp09YU5lya1PDHiW6OJQJzk
> qLd/4p0XU11M7FIlX77EY+erzqa0ocTX/anhU4d8kaHj/yscjs+jCut3h3yMh1Wr
> jZMmSd2Sya+y7mVWGJZM6J881oKmWBOZnxAbUz8GWVqS0YrL5xONZflCXcJ7AlM6
> rsdomGi69E7uOUeoS2Ophik+KPFU3z1YXPekwoZ1G5lpGO3AcPR1k6JlG0kc5kPU
> LeKodA7uufdB3uaXDmo/
> =v2BP
> -----END PGP SIGNATURE-----
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140819/211c089f/attachment-0001.html>
More information about the Users
mailing list