[strongSwan] Strongswan 5.8 broke my setup
andreas.steffen at strongswan.org
Mon Jul 8 09:19:35 CEST 2019
since strongSwan 5.8 is a major version we made the following changes
to the naming of the strongSwan systemd service files:
systemctl start strongswan now starts the charon-systemd daemon which
communicates via the vici interface e.g. using the swanctl command
systemctl start strongswan-swanctl is now an alias for
systemctl start strongswan
The old behaviour with the starter process spawning the charon daemon
which in turn communicates via the whack interface can be retained
just by executing
systemctl start strongswan-starter
Sorry for the inconvenience but vici and swanctl.conf has been our
preferred way of managing strongSwan for the last few years and this
is a further step to make it our default. Nevertheless we are still
committed to support the old whack and ipsec.conf interface.
On 07.07.19 17:50, A P wrote:
> I used to do:
> systemctl restart strongswan
> systemctl restart xl2tpd
> ipsec up myvpn
> Now the last step produces nothing!
> The difference in the logs:
> - new log (broken setup) has these, which old (working) does not have:
> swanctl: no files found matching '/etc/swanctl/conf.d/*.conf'
> swanctl: no authorities found, 0 unloaded
> swanctl: no pools found, 0 unloaded
> swanctl: no connections found, 0 unloaded
> - old log (working) has these, which new one (broken) never has:
> ipsec: charon (1601) started after 20 ms
> ipsec_starter: charon (1601) started after 20 ms
> charon: 07[CFG] received stroke: add connection 'myvpn'
> charon: 07[CFG] added configuration 'myvpn'
> Why did you have to break things?
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2945 bytes
Desc: S/MIME Cryptographic Signature
More information about the Users