[strongSwan] error-notify plugin for IKEv1?

Ghose, Gautam gautam.ghose at bluecoat.com
Fri Jul 17 21:42:16 CEST 2015


Hi All,
I have enabled the error-notify Plugin via the following configuration option

--enable-error-notify

but, am not seeing any notification produced for a peer-auth that is failing due to unavailability of the correct PSK on my server (implemented using strongswan 5.1.2).
More specifically, I was expecting a ERROR_NOTIFY_PEER_AUTH_FAILED notification on the error-notify default socket but nothing really showed up.
I was using the standard error-notify utility invoked via



ipsec error-notify

After some digging around in strongswan source code I have a suspicion that this error-notification, particularly for PEER_AUTH_FAILED, is implemented only for IKEv2 clients.
In my case, my ipsec client is shrewsoft and using IKEv1.

Has anybody been successful in using error-notify for IKEv1? If yes, how do I go about this?
Or, am I missing something else?

Thanks,
Gautam

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150717/cd74567c/attachment.html>


More information about the Users mailing list