[strongSwan] Creation of VICI socket fails (strongswan-5.2.2)

Noel Kuntze noel at familie-kuntze.de
Fri Mar 20 16:23:52 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello Chinmaya,

That's because I'm answering to the mailing list, not you and the mailing list.
I'm doing the latter now.

Does the socket does not exist before you run strongSwan? Do you maybe
run two instances parallel by accident? Did you make sure to uninstall previous
installations of strongswan?

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

Am 20.03.2015 um 09:01 schrieb Chinmaya Dwibedy:
>
>
> Hi Noel,
> I do not know why I am not getting the response in  my  email Id ( registered with users list) . Anyway checked the response at https://www.mail-archive.com/users@lists.strongswan.org/msg09148.html. Thank you for prompt reply.
> Yes, launched Charon as a root user. I used the followings configuration options
> ./configure --prefix=/usr --sysconfdir=/etc --enable-load-tester --enable-ctr --enable-ccm --enable-gcm --enable-vici --enable-error-notify
> Thereafter did make clean && make && make install . I am using the Fedora release 17.
> [root at sefpdev-1 strongswan-5.2.2]# cat /etc/issue
> Fedora release 17 (Beefy Miracle)
> Kernel \r on an \m (\l)
> [root at sefpdev-1 strongswan-5.2.2]#
> 
> [root at sefpdev-1 strongswan-5.2.2]# uname -a
> Linux sefpdev-1 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
> [root at sefpdev-1 strongswan-5.2.2]#
> 
> 
> [root at sefpdev-1 strongswan-5.2.2]# uname -r
> 3.9.10-100.fc17.x86_64
> [root at sefpdev-1 strongswan-5.2.2]#
> 
> [root at sefpdev-1 strongswan-5.2.2]# file /var/run/charon.vici
> /var/run/charon.vici: socket
> [root at sefpdev-1 strongswan-5.2.2]#
> [root at sefpdev-1 strongswan-5.2.2]# sestatus
> SELinux status:                 disabled
> [root at sefpdev-1 strongswan-5.2.2]#
> 
> Regards,
> Chinmaya
> 
>
>
> On Friday, March 20, 2015 1:00 PM, Chinmaya Dwibedy <ckdwibedy at yahoo.com> wrote:
>
>
> 
> Hi ,
> I am trying to use the swanctl utility (i.e., a command line application to configure and control charon) (strongswan: 5.2.2) . I configured the /etc/swanctl/swanctl.conf file (On IKE Initiator end) and then upon trying to initiate the connection  thru #swanctl --load-conns, it gives the following errors
> connecting to 'unix:///var/run/charon.vici' failed: Connection refused
> Error: connecting to 'default' URI failed: Connection refused
> strongSwan 5.2.2 swanctl
> 
> I run the #ipsec start command to get the startup log and found that, creation of VICI socket is getting failed.  Can anyone suggest how to resolve this ?
> 
> [root at sefpdev-1 strongswan-5.2.2]# cat /var/log/charon.log | grep vici
> Mar 20 00:00:15 00[LIB] plugin 'vici': loaded successfully
> Mar 20 00:00:15 00[LIB] loading feature CUSTOM:vici in plugin 'vici'
> Mar 20 00:00:15 00[CFG] creating vici socket failed
> Mar 20 00:00:15 00[LIB] feature CUSTOM:vici in plugin 'vici' failed to load
> Mar 20 00:00:15 00[LIB] unloading plugin 'vici' without loaded features
> [root at sefpdev-1 strongswan-5.2.2]#
>
> Regards,
> Chinmaya
>
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJVDDuIAAoJEDg5KY9j7GZYkqYQAIKegUFgouGO75ex7fBHkyf/
DselxMKFYdDCiUTaGZxOtZPcc6MmJQ9Qz4gth1NH8BFQC/KhNz0ZnUFFp79srM6s
AtUqa4T95kGSs6N7lVKBS6sfJZ87r1dUkjS6OVwTIcMUv3FSE3rJc/TVCzrL+jW/
w9fuyOQEaFzIwF5wgFoMLGL60dXGTta1i/Jsricw0++t7agm0YpueXnV2yyFfiur
0A68GwmUOAUpiIa6P+EerOIDnhsXIRpa+rqPZjsCEZc7/LNiifbP7rdDz6+PxxNu
PfYTAr3Vo1B9/NApKS+Ul3ha0YbUogKYz6GscNyAFpO7A1tvqzNO1HQX3MjHwK4b
BsY5VzB2XvppjqbmEy3Ew8qrHXksmXB4Y/UZKrJ7P5mnD0tfQvHg8O9JcX73m6uz
cBDh/PYtJqP75bb5oP3OyDhceAEq1T38bYYX8CQLSZ4v0dNGD9C5N+SFvfxmp/xv
MImlHiISiG+i9wOQAsYQfiAAzHWiqffz4lQX/18tHgwkuyb5+7yf0hVb2hTgncyN
tSkkxuGk4QcxMrLSxIOppuAvr29f3JCj/GoEve4K6pZBauHI1CVGS/mIMRJ5DVHe
ErT24aVvfN6M7mvuqW/zfxfWw6/t5AlGLpnQ8wuIgS7CULzW/pKi9qTMG1kfdpYD
gSXfKBZaWxpn8tn+KU5L
=v+Cc
-----END PGP SIGNATURE-----




More information about the Users mailing list