[strongSwan] errors on freebsd
rwwyatt01 at gmail.com
Fri Jul 17 17:18:39 CEST 2015
The driver is already loaded, How do I enable it instead of
Jul 15 19:25:54 saturn charon: 00[LIB] loaded plugins: charon aes des
c2 sha1 sha2 md4 md5 random nonce x509 revocation constraints pubkey pkcs1
pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf xcbc cmac hmac attr
pfkey kernel-pfroute resolve socket-default stroke updown eap-identity
ap-mschapv2 eap-tls eap-ttls eap-peap xauth-generic whitelist addrblock
On Fri, Jul 17, 2015 at 7:20 AM, Randy Wyatt <rwwyatt01 at gmail.com> wrote:
> On Fri, Jul 17, 2015 at 12:43 AM, Tobias Brunner <tobias at strongswan.org>
>> Hi Randy,
>> > Jul 15 19:50:14 saturn charon: 01[KNL] can't install route for
>> > 70.209.XXX.YYY/32[
>> > udp/l2f] === 104.236.XXX.YYY/32[udp/l2f] in, conflicts with IKE traffic
>> You seem to be using the kernel-libipsec plugin. Why? Just use the
>> kernel-pfkey and kernel-pfroute plugins.
>> This package was installed from the binary (pkg install strongswan).
> I will check and compile from source.
> > and the dmesg has the following error:
>> > ipsec_common_input: no key association found for SA
>> > 104.236.XXX.YYY/c5979d22/50
>> That's because the kernel has no knowledge of any IPsec SAs as the
>> kernel-libipsec plugin creates them in userland.
>> > How do I resolve this? It's for L2TP, and I have no choice.
>> How so? What's your client?
> Windows 7. I only have to support 1 client at a time. I am moving all
> services to a cheaper box.
> Thank you,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users