[strongSwan] [Strongswan] no config named 'client'

Noel Kuntze noel at familie-kuntze.de
Tue Aug 19 08:57:47 CEST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Amysu, Hello Andreas,

I think you should always "make uninstall", before you run "make clean" or install strongSwan with another --bindir or other directory. 
Otherwise you'll end up with files all over the place.

Regards,
Noel Kuntze

GPG Key id: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

Am 19.08.2014 um 07:28 schrieb Andreas Steffen:
> Hello Amysu,
> 
> go into the strongswan source directory and execute
> 
>   make clean
>  ./configure --sysconfdir=/etc  <any other options>
>  make
>  make install
> 
> and the path pointing to the configuration files is changed from
>  /usr/local/etc to /etc. If you want you to clean up you can remove
> the old configuration files:
> 
> cd /usr/local/etc
> rm -r ipsec.d swanctl ipsec.secrets ipsec.conf strongswan.conf
> 
> Best regards
> 
> Andreas
> 
> On 08/19/2014 07:02 AM, amysue.z at gmail.com wrote:
>> Hello Andreas,
>>
>> I have installed strongswan, how can change the sysconfdir, should I
>> uninstall it first? I don't know how to uninstall strongswan?
>>
>> Thanks for your help
>>
>>
>> 2014-08-19 12:36 GMT+08:00 Andreas Steffen
>> <andreas.steffen at strongswan.org <mailto:andreas.steffen at strongswan.org>>:
>>
>>     Hello Amysue,
>>
>>     you have to build strongSwan with
>>
>>       ./configure --sysconfdir=/etc
>>
>>     Regards
>>
>>     Andreas
>>
>>     On 08/19/2014 05:18 AM, amysue.z at gmail.com
>>     <mailto:amysue.z at gmail.com> wrote:
>>     > Hi Noel,
>>     >
>>     > I have checked the strongswan logs at /var/log/messages, and I found
>>     > that it load the conf directory  /usr/loca/etc, while I put all my
>>     conf
>>     > files at /etc, which I think cause my problem.
>>     > Is there any way that I can change the conf directory to /etc.
>>     >
>>     > Thanks,
>>     >
>>     >
>>     > 2014-08-18 21:16 GMT+08:00 Noel Kuntze <noel at familie-kuntze.de
>>     <mailto:noel at familie-kuntze.de>
>>     > <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>>>:
>>     >
>>     > Hello Amysue
>>     >
>>     > Please refer to [2] for a how-to for installing strongSwan.
>>     > Please note that some modules that could be necessary for your setup
>>     > need to be compiled by giving the corresponding parameters to
>>     > ./configure.
>>     >
>>     > Regards,
>>     > Noel Kuntze
>>     >
>>     > GPG Key id: 0x63EC6658
>>     > Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>>     >
>>     > Am 18.08.2014 um 15:12 schrieb amysue.z at gmail.com
>>     <mailto:amysue.z at gmail.com>
>>     > <mailto:amysue.z at gmail.com <mailto:amysue.z at gmail.com>>:
>>     >> I also want to know are there any special configurations to
>>     > install strongswan for ikev2 mobike?
>>     >
>>     >> For install strongswan to my pc, I just
>>     >> /./configure/
>>     >> /make/
>>     >> /make install/
>>     >> /
>>     >> /
>>     >> Thanks,
>>     >
>>     >
>>     >> 2014-08-18 21:08 GMT+08:00 <amysue.z at gmail.com
>>     <mailto:amysue.z at gmail.com>
>>     > <mailto:amysue.z at gmail.com <mailto:amysue.z at gmail.com>>
>>     <mailto:amysue.z at gmail.com <mailto:amysue.z at gmail.com>
>>     > <mailto:amysue.z at gmail.com <mailto:amysue.z at gmail.com>>>>:
>>     >
>>     >>     Hi Noel,
>>     >>     The output of "ipsec statusall" is
>>     >>     /Status of IKE charon daemon (strongSwan 5.0.2, Linux
>>     > 2.6.18-348.1.1.el5, i686):/
>>     >>     /  uptime: 14 minutes, since Aug 18 18:21:46 2014/
>>     >>     /  malloc: sbrk 135168, mmap 0, used 86616, free 48552/
>>     >>     /  worker threads: 8 of 16 idle, 7/1/0/0 working, job queue:
>>     > 0/0/0/0, scheduled: 0/
>>     >>     /  loaded plugins: charon aes des sha1 sha2 md5 random nonce
>>     > x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey pem
>>     > fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve
>>     > socket-default stroke updown eap-md5 eap-radius xauth-generic/
>>     >>     /Listening IP addresses:/
>>     >>     /  192.168.2.6/ <http://192.168.2.6/> <http://192.168.2.6/>
>>     >>     /  12.12.1.203/ <http://12.12.1.203/> <http://12.12.1.203/>
>>     >>     /Connections:/
>>     >>     /Security Associations (0 up, 0 connecting):/
>>     >>     /  none/
>>     >
>>     >>     And, how do I  enable logging[1] ? I don't use strongswan
>>     > much, So it feel difficult for me.
>>     >>     Thank you again for your help
>>     >
>>     >
>>     >
>>     >>     2014-08-18 21:02 GMT+08:00 Noel Kuntze
>>     <noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>
>>     > <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>>
>>     <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>
>>     > <mailto:noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>>>>:
>>     >
>>     >> Hello,
>>     >
>>     >> Check your system log for errors and show us the output of "ipsec
>>     > statusall".
>>     >> Sometimes, it takes a couple of seconds for the daemon to load the
>>     > configuration. Waiting a bit can help in this case.
>>     >> The reason for this is, that all the ipsec commands are asynchronous.
>>     >> If the configuration isn't loaded for a couple of seconds, please
>>     > enable logging[1].
>>     >> StrongSwan can handle Mobike. It's a daemon thing, not a kernel
>>     thing.
>>     >
>>     >> [1]
>>     >
>>     https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration
>>     >
>>     >> Regards,
>>     >> Noel Kuntze
>>     >
>>     >> GPG Key id: 0x63EC6658
>>     >> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>>     >
>>     >> Am 18.08.2014 um 14:56 schrieb amysue.z at gmail.com
>>     <mailto:amysue.z at gmail.com>
>>     > <mailto:amysue.z at gmail.com <mailto:amysue.z at gmail.com>>
>>     <mailto:amysue.z at gmail.com <mailto:amysue.z at gmail.com>
>>     > <mailto:amysue.z at gmail.com <mailto:amysue.z at gmail.com>>>:
>>     >>> Hello,
>>     >
>>     >>> My OS is centos 5.9 and i have installed Linux strongSwan
>>     > U5.0.2/K2.6.18-348.1.1.el5.
>>     >>> After installation,i start strongswan:
>>     >>> ipsec start
>>     >>> then i up an connection:
>>     >>> ipsec up client
>>     >>> then I get an error:*no config named 'client'*
>>     >>> Actually, I define an connection in /etc/ipsec.conf.
>>     >
>>     >>> Below is my /etc/ipsec.conf
>>     >
>>     >>> /config setup/
>>     >>> /    strictcrlpolicy=no/
>>     >>> /    charonstart=yes/
>>     >>> /
>>     >>> /
>>     >>> /conn %default/
>>     >>> /    ikelifetime=28800s/
>>     >>> /    keylife=28800s/
>>     >>> /    rekeymargin=3m/
>>     >>> /    keyingtries=3/
>>     >>> /    keyexchange=ikev2/
>>     >>> /    ike=3des-sha1-modp1024/
>>     >>> /    esp=3des-sha1/
>>     >>> /
>>     >>> /
>>     >>> /conn client/
>>     >>> /    left=12.12.1.203/ <http://12.12.1.203/>
>>     <http://12.12.1.203/> <http://12.12.1.203/>
>>     >>> /    leftsourceip=%config/
>>     >>> /    leftcert=client1_cert.pem/
>>     >>> /    leftid="/C=CN/ST=SH/O=CS/CN=IKEv2_Client1"/
>>     >>> /    right=11.11.11.200/ <http://11.11.11.200/>
>>     <http://11.11.11.200/>
>>     > <http://11.11.11.200/>
>>     >>> /    rightid="/C=CN/ST=SH/O=CS/CN=11.11.11.200"/
>>     >>> /    rightsubnet=192.168.168.0/24 <http://192.168.168.0/24>
>>     <http://192.168.168.0/24>
>>     > <http://192.168.168.0/24> <http://192.168.168.0/24>/
>>     >>> /    auto=add/
>>     >>> /
>>     >>> /
>>     >>> I have no idea what to do now, I really need your help, any one
>>     > could help me?
>>     >>>  Thank you very much
>>     >
>>
>>     ======================================================================
>>     Andreas Steffen                       
>>      andreas.steffen at strongswan.org <mailto:andreas.steffen at strongswan.org>
>>     strongSwan - the Open Source VPN Solution!         
>>     www.strongswan.org <http://www.strongswan.org>
>>     Institute for Internet Technologies and Applications
>>     University of Applied Sciences Rapperswil
>>     CH-8640 Rapperswil (Switzerland)
>>     ===========================================================[ITA-HSR]==
>>
>>
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJT8vVqAAoJEDg5KY9j7GZYJMwP/jyVVAKKSktieQpiN3C9j1MT
kzexEFHJ+V98pL69QhidyEhRQMtWGivZlw3tEraR/9eOj6gvNipXHZeVtGgLsWfU
3ovXZGTzjpD0qac7lIB2zVw/aypkx3VD1B1UEKjtwxdtqHE+ao2zGcbY84UZ9WIk
qmjNhcuIWl3d4UPwq8dlUu9aKHbJBHK+r5nZDp6eKMtcPqguAsOCRcxMmm7qO3o/
2xriAFHzUBrnprQHAmSKZM08jxXsStgeEugLsw6Aq595kCNYKccWyJ64nGOPw++f
Fk3AV4jaBz0CYg5QqGoOQ5+b4NggNKBCFJzNd7lVUg/SVL5wJA6hnUCRHzb/h4pd
7m5ijUzOoFFq5WFfxKPA9Amqw2eBeeToMngifj5bpaXVHgDn16KMp6BEuLYe9DZ5
1TSQRUjdN6XrqUgwlFJuLea2IpT/tvd0OpqtwUUx77vct4LjhAzF1rL7i4BYOoq9
5bNUlxUvUFrU+9SDKjIgYaKPXOt1l4NGjigAB1wSx7Z7mSHBWqgoBYMt2V0sbKX5
GZrXakRuthUXf9dHlctOLCRgij69HjrmitK1u3DLlUA97AGHBWZgpf4utrWRer2d
sY22bT83q3yHQMZCSUSpgzL/zfa+6IS6PdQUhert+zTY9YxcwCVErFqIU3afN3Z7
i9GyCE+5b0bfDhbUPCEy
=yqqK
-----END PGP SIGNATURE-----


More information about the Users mailing list