[strongSwan] [Strongswan] no config named 'client'

Andreas Steffen andreas.steffen at strongswan.org
Tue Aug 19 06:36:06 CEST 2014 

Hello Amysue,

you have to build strongSwan with

  ./configure --sysconfdir=/etc

Regards

Andreas

On 08/19/2014 05:18 AM, amysue.z at gmail.com wrote:
> Hi Noel,
> 
> I have checked the strongswan logs at /var/log/messages, and I found
> that it load the conf directory  /usr/loca/etc, while I put all my conf
> files at /etc, which I think cause my problem.
> Is there any way that I can change the conf directory to /etc.
> 
> Thanks,
> 
> 
> 2014-08-18 21:16 GMT+08:00 Noel Kuntze <noel at familie-kuntze.de
> <mailto:noel at familie-kuntze.de>>:
> 
> Hello Amysue
> 
> Please refer to [2] for a how-to for installing strongSwan.
> Please note that some modules that could be necessary for your setup
> need to be compiled by giving the corresponding parameters to
> ./configure.
> 
> Regards,
> Noel Kuntze
> 
> GPG Key id: 0x63EC6658
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
> 
> Am 18.08.2014 um 15:12 schrieb amysue.z at gmail.com
> <mailto:amysue.z at gmail.com>:
>> I also want to know are there any special configurations to
> install strongswan for ikev2 mobike?
> 
>> For install strongswan to my pc, I just
>> /./configure/
>> /make/
>> /make install/
>> /
>> /
>> Thanks,
> 
> 
>> 2014-08-18 21:08 GMT+08:00 <amysue.z at gmail.com
> <mailto:amysue.z at gmail.com> <mailto:amysue.z at gmail.com
> <mailto:amysue.z at gmail.com>>>:
> 
>>     Hi Noel,
>>     The output of "ipsec statusall" is
>>     /Status of IKE charon daemon (strongSwan 5.0.2, Linux
> 2.6.18-348.1.1.el5, i686):/
>>     /  uptime: 14 minutes, since Aug 18 18:21:46 2014/
>>     /  malloc: sbrk 135168, mmap 0, used 86616, free 48552/
>>     /  worker threads: 8 of 16 idle, 7/1/0/0 working, job queue:
> 0/0/0/0, scheduled: 0/
>>     /  loaded plugins: charon aes des sha1 sha2 md5 random nonce
> x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey pem
> fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve
> socket-default stroke updown eap-md5 eap-radius xauth-generic/
>>     /Listening IP addresses:/
>>     /  192.168.2.6/ <http://192.168.2.6/>
>>     /  12.12.1.203/ <http://12.12.1.203/>
>>     /Connections:/
>>     /Security Associations (0 up, 0 connecting):/
>>     /  none/
> 
>>     And, how do I  enable logging[1] ? I don't use strongswan
> much, So it feel difficult for me.
>>     Thank you again for your help
> 
> 
> 
>>     2014-08-18 21:02 GMT+08:00 Noel Kuntze <noel at familie-kuntze.de
> <mailto:noel at familie-kuntze.de> <mailto:noel at familie-kuntze.de
> <mailto:noel at familie-kuntze.de>>>:
> 
>> Hello,
> 
>> Check your system log for errors and show us the output of "ipsec
> statusall".
>> Sometimes, it takes a couple of seconds for the daemon to load the
> configuration. Waiting a bit can help in this case.
>> The reason for this is, that all the ipsec commands are asynchronous.
>> If the configuration isn't loaded for a couple of seconds, please
> enable logging[1].
>> StrongSwan can handle Mobike. It's a daemon thing, not a kernel thing.
> 
>> [1]
> https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration
> 
>> Regards,
>> Noel Kuntze
> 
>> GPG Key id: 0x63EC6658
>> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
> 
>> Am 18.08.2014 um 14:56 schrieb amysue.z at gmail.com
> <mailto:amysue.z at gmail.com> <mailto:amysue.z at gmail.com
> <mailto:amysue.z at gmail.com>>:
>>> Hello,
> 
>>> My OS is centos 5.9 and i have installed Linux strongSwan
> U5.0.2/K2.6.18-348.1.1.el5.
>>> After installation,i start strongswan:
>>> ipsec start
>>> then i up an connection:
>>> ipsec up client
>>> then I get an error:*no config named 'client'*
>>> Actually, I define an connection in /etc/ipsec.conf.
> 
>>> Below is my /etc/ipsec.conf
> 
>>> /config setup/
>>> /    strictcrlpolicy=no/
>>> /    charonstart=yes/
>>> /
>>> /
>>> /conn %default/
>>> /    ikelifetime=28800s/
>>> /    keylife=28800s/
>>> /    rekeymargin=3m/
>>> /    keyingtries=3/
>>> /    keyexchange=ikev2/
>>> /    ike=3des-sha1-modp1024/
>>> /    esp=3des-sha1/
>>> /
>>> /
>>> /conn client/
>>> /    left=12.12.1.203/ <http://12.12.1.203/> <http://12.12.1.203/>
>>> /    leftsourceip=%config/
>>> /    leftcert=client1_cert.pem/
>>> /    leftid="/C=CN/ST=SH/O=CS/CN=IKEv2_Client1"/
>>> /    right=11.11.11.200/ <http://11.11.11.200/>
> <http://11.11.11.200/>
>>> /    rightid="/C=CN/ST=SH/O=CS/CN=11.11.11.200"/
>>> /    rightsubnet=192.168.168.0/24 <http://192.168.168.0/24>
> <http://192.168.168.0/24> <http://192.168.168.0/24>/
>>> /    auto=add/
>>> /
>>> /
>>> I have no idea what to do now, I really need your help, any one
> could help me?
>>>  Thank you very much
> 

======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140819/d45866b8/attachment-0001.bin>

More information about the Users mailing list