[strongSwan] How to use af-alg plugin
Roee Agami
ragami at bluecedar.com
Wed Aug 8 14:58:28 CEST 2018
Hi,
I wish to have IKE use the crypto services of the kernel rather than the default user space ones. It was brought to my attention that af-alg plugin allows such behavior.
Now I am trying to build strongSwan with that plugin. I know of this example config:
https://www.strongswan.org/testing/testresults/af-alg/rw-cert/
And was trying to follow it, loading the same plugins listed in Carol’s strongswan.conf (except that I was loading them using the configure script instead of strongswan.conf).
Here is the output of the configure script command:
[cid:image001.png at 01D42EF5.F8FD1DB0]
Then I make and make install it, and restart ipsec.
Looking at the logs, I see messages indicating the various plugins are loaded successfully, and the last message I see is that ‘af-alg’ plugin is loaded successfully. I don’t see any other messages after that.
Running ‘ipsec statusall’ doesn’t show any output at all.
So my conclusion is that strongSwan is not running the way I wanted it to.
Can you help me figure out what am I missing?
Thanks,
Roee.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180808/bbd6b262/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 424830 bytes
Desc: image001.png
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180808/bbd6b262/attachment-0001.png>
More information about the Users
mailing list