[strongSwan] trap not found, unable to acquire reqid
rajeev nohria
rajnohria at gmail.com
Mon Jun 13 20:24:52 CEST 2016
Noel,
I was able to install policy using swanctl --install and a packet from data
plane was able to trigger the SAs.
Thanks for you help.
Rajeev
On Mon, Jun 13, 2016 at 1:24 PM, rajeev nohria <rajnohria at gmail.com> wrote:
> Noel,
> I am using Strongswan 5.4 with swanctl.conf and strongswan.conf. There is
> no option for auto=route. Is there anything equivalent?
> Thanks,
> Rajeev
>
> On Mon, Jun 6, 2016 at 10:15 AM, Noel Kuntze <noel at familie-kuntze.de>
> wrote:
>
>> On 06.06.2016 14:28, rajeev nohria wrote:
>> >
>> > IKEv2 should be able to create SA when there are only policies
>> installed and a packet matches with the policy. That was reason I was
>> expecting for above ping to work. If that is not the case what is the use
>> of ACQUIRE message? Let me know if I am missing something here.
>>
>> Charon can only initiate an SA to a remote host, if it has a
>> configuration for that host. Because you installed the policies yourself,
>> charon does not have a configuration.
>>
>> You have to configure it correctly and use auto=route. Do not install
>> policies yourself. As you found out, it does not work if you do that.
>>
>> --
>>
>> Mit freundlichen Grüßen/Kind Regards,
>> Noel Kuntze
>>
>> GPG Key ID: 0x63EC6658
>> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160613/80a681f9/attachment.html>
More information about the Users
mailing list