[strongSwan] Ubuntu and openswan migration to strongswan
Rudi Barnard
rudi at flickswitch.co.za
Sat Feb 16 20:59:51 CET 2019
Issue seems to do with the Cisco Unity plugin as we are trying to connect
to multiple right subnets... All the VPNs we are connecting to is Cisco.
Have updated charon.conf and strongswan.conf with cisco_unity=yes but still
same issue. Only 1 tunnel comes up bu ip xfrm policy shows no entry.
On Sat, Feb 16, 2019 at 5:04 PM Kostya Vasilyev <kman at fastmail.com> wrote:
>
> On Sat, Feb 16, 2019, at 10:09 AM, Rudi Barnard wrote:
>
> Hi,
>
> Have been using openswan on Ubuntu 14.04 on AWS EC2 for site to site
> connections (Ikev1 + PSK).
> Recently upgraded an image of the Ubuntu EC2 instance from 14.04 to 18.04.
> Result is that openswan gets replaced with Strongswan. I eventually did a
> scratch install of strongswan and also installed the Cisco plugin for
> multiple subnet support.
>
> Now testing one of the MANY VPNs we have previously setup on openswan.
> Tunnels are up but ip xfrm policy / state shows no entry and therefore I
> assume that there is config issue.
>
> Very new with Strongswan so not sure where to start troubleshooting.
>
> Thanks.
>
> [snip]
>
>
> I'm a newbie too, but ... anything interesting in the logs?
>
> journalctl -f -u strongswan
>
> And then force a reconnect from a client.
>
> ---
>
> By the way, this is like a plague that gets copied from tutorial to
> tutorial:
>
> charondebug="ike 1, knl 1, cfg 0"
>
> You may want to set "cfg" log level to 1 or even 2 (and the others too)
> for troubleshooting.
>
> -- K
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190216/3775f130/attachment.html>
More information about the Users
mailing list