[strongSwan] Ubuntu and openswan migration to strongswan

Kostya Vasilyev kman at fastmail.com
Sat Feb 16 16:04:00 CET 2019

On Sat, Feb 16, 2019, at 10:09 AM, Rudi Barnard wrote:
> Hi,
> Have been using openswan on Ubuntu 14.04 on AWS EC2 for site to site
> connections (Ikev1 + PSK).> Recently upgraded an image of the Ubuntu EC2 instance from 14.04
> to 18.04.> Result is that openswan gets replaced with Strongswan. I eventually
> did a scratch install of strongswan and also installed the Cisco
> plugin for multiple subnet support.> 
> Now testing one of the MANY VPNs we have previously setup on openswan.> Tunnels are up but ip xfrm policy / state shows no entry and therefore
> I assume that there is config issue.> 
> Very new with Strongswan so not sure where to start troubleshooting.
> Thanks.
> [snip]

I'm a newbie too, but ... anything interesting in the logs?

journalctl -f -u strongswan

And then force a reconnect from a client.


By the way, this is like a plague that gets copied from tutorial
to tutorial:
        charondebug="ike 1, knl 1, cfg 0"

You may want to set "cfg" log level to 1 or even 2 (and the others too)
for troubleshooting.
-- K

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190216/ed945686/attachment.html>

More information about the Users mailing list