[strongSwan] error-notify plugin for IKEv1?
Ghose, Gautam
gautam.ghose at bluecoat.com
Fri Jul 17 21:42:16 CEST 2015
Hi All,
I have enabled the error-notify Plugin via the following configuration option
--enable-error-notify
but, am not seeing any notification produced for a peer-auth that is failing due to unavailability of the correct PSK on my server (implemented using strongswan 5.1.2).
More specifically, I was expecting a ERROR_NOTIFY_PEER_AUTH_FAILED notification on the error-notify default socket but nothing really showed up.
I was using the standard error-notify utility invoked via
ipsec error-notify
After some digging around in strongswan source code I have a suspicion that this error-notification, particularly for PEER_AUTH_FAILED, is implemented only for IKEv2 clients.
In my case, my ipsec client is shrewsoft and using IKEv1.
Has anybody been successful in using error-notify for IKEv1? If yes, how do I go about this?
Or, am I missing something else?
Thanks,
Gautam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150717/cd74567c/attachment.html>
More information about the Users
mailing list