[strongSwan] Creation of VICI socket fails (strongswan-5.2.2)

Chinmaya Dwibedy ckdwibedy at yahoo.com
Tue Mar 24 13:00:41 CET 2015


Hi Noel,Thank youfor the response. Connecting requires an uri, prefixed with unix://. I addedthe below in strongswan.conf file and there is no issue.     vici {                         socket =unix:///var/run/charon.vici                }  Configuredthe /etc/swanctl.conf and   trigged #swanctl --load-conns (which loadsconnection configuration) to initiate and establish the IPsec tunnel with IKEResponder. The swanctl works independently from starter, ipsec.conf file. Isthere any way to get rid of any configuration file (i.e., swanctl.conf andstrongswan.conf) and configure, controland monitor the IKE daemon Charon via command line interface only? Regards,Chinmaya 


     On Friday, March 20, 2015 1:31 PM, Chinmaya Dwibedy <ckdwibedy at yahoo.com> wrote:
   

 

Hi Noel,Ido not know why I am not getting the response in  my  email Id ( registered withusers list) . Anyway checked the response at https://www.mail-archive.com/users@lists.strongswan.org/msg09148.html.Thank you for prompt reply.Yes,launched Charon as a root user. I used the followings configuration options./configure--prefix=/usr --sysconfdir=/etc --enable-load-tester --enable-ctr --enable-ccm--enable-gcm --enable-vici --enable-error-notifyThereafterdid make clean && make && make install . I am using the Fedorarelease 17.[root at sefpdev-1strongswan-5.2.2]# cat /etc/issueFedorarelease 17 (Beefy Miracle)Kernel\r on an \m (\l)[root at sefpdev-1strongswan-5.2.2]# [root at sefpdev-1strongswan-5.2.2]# uname -aLinuxsefpdev-1 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64x86_64 x86_64 GNU/Linux[root at sefpdev-1strongswan-5.2.2]#  [root at sefpdev-1strongswan-5.2.2]# uname -r3.9.10-100.fc17.x86_64[root at sefpdev-1strongswan-5.2.2]# [root at sefpdev-1strongswan-5.2.2]# file /var/run/charon.vici/var/run/charon.vici:socket[root at sefpdev-1strongswan-5.2.2]#[root at sefpdev-1strongswan-5.2.2]# sestatusSELinuxstatus:                 disabled[root at sefpdev-1strongswan-5.2.2]# Regards,Chinmaya  


     On Friday, March 20, 2015 1:00 PM, Chinmaya Dwibedy <ckdwibedy at yahoo.com> wrote:
   

   Hi,Iam trying to use the swanctl utility (i.e., a commandline application to configure and control charon) (strongswan: 5.2.2) . I configuredthe /etc/swanctl/swanctl.conf file (On IKE Initiator end) and then upon tryingto initiate the connection  thru #swanctl--load-conns, it gives the following errorsconnecting to 'unix:///var/run/charon.vici'failed: Connection refusedError: connecting to 'default' URI failed:Connection refusedstrongSwan 5.2.2 swanctl I run the #ipsec start command to get thestartup log and found that, creation of VICI socket is getting failed.  Can anyone suggest how to resolve this ? [root at sefpdev-1strongswan-5.2.2]# cat /var/log/charon.log | grep viciMar20 00:00:15 00[LIB] plugin 'vici': loaded successfullyMar20 00:00:15 00[LIB] loading feature CUSTOM:vici in plugin 'vici'Mar20 00:00:15 00[CFG] creating vici socket failedMar20 00:00:15 00[LIB] feature CUSTOM:vici in plugin 'vici' failed to loadMar20 00:00:15 00[LIB] unloading plugin 'vici' without loaded features[root at sefpdev-1strongswan-5.2.2]#
Regards,Chinmaya

   

  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150324/81d29c40/attachment.html>


More information about the Users mailing list