[strongSwan] no IDr configured, fall back on IP address

Tobias Brunner tobias at strongswan.org
Fri Jan 18 15:38:34 CET 2019


Hi,

> I've had my certs okey but now (I admit I've not used this tunnel in
> long time) this connection fails and it seems due to some cert issues.

Not directly, but it could be related.

> But am I right to blame some change in my strongswan package? What can
> be the problem?

Your config?  Old/invalid credentials?  In any case, read the log during
start up and check for errors.

> Here is some log:

Not the complete one, though.

> 13[CFG] no IDr configured, fall back on IP address
> 13[IKE] no priv key found for '172.24.154.202'

This means you don't have a local identity (leftid) set and that the
daemon falls back to using the IP address as identity (as responder IDr
is the local identity).  However, for that particular identity no
certificate and private key is found.  If you configured leftcert and
the certificate was loaded successfully the local identity should
default to that certificate's subject DN, so maybe the certificate was
not loaded.  Again, check the log when credentials/configs are loaded
for errors.

Regards,
Tobias


More information about the Users mailing list