[strongSwan] Strongswan 5.8 broke my setup

Andreas Steffen andreas.steffen at strongswan.org
Mon Jul 8 09:19:35 CEST 2019


Hi,

since strongSwan 5.8 is a major version we made the following changes
to the naming of the strongSwan systemd service files:

  systemctl start strongswan now starts the charon-systemd daemon which
  communicates via the vici interface e.g. using the swanctl command
  line tool

  systemctl start strongswan-swanctl is now an alias for
  systemctl start strongswan

The old behaviour with the starter process spawning the charon daemon
which in turn communicates via the whack interface can be retained
just by executing

  systemctl start strongswan-starter

Sorry for the inconvenience but vici and swanctl.conf has been our
preferred way of managing strongSwan for the last few years and this
is a further step to make it our default. Nevertheless we are still
committed to support the old whack and ipsec.conf interface.

Best regards

Andreas

On 07.07.19 17:50, A P wrote:
> I used to do:
> 
> systemctl restart strongswan
> systemctl restart xl2tpd
> ipsec up myvpn
> 
> 
> Now the last step produces nothing!
> 
> 
> The difference in the logs:
> 
> - new log (broken setup) has these, which old (working) does not have:
> swanctl[29887]: no files found matching '/etc/swanctl/conf.d/*.conf'
> swanctl[29887]: no authorities found, 0 unloaded
> swanctl[29887]: no pools found, 0 unloaded
> swanctl[29887]: no connections found, 0 unloaded
> 
> - old log (working) has these, which new one (broken) never has:
> ipsec[1592]: charon (1601) started after 20 ms
> ipsec_starter[1592]: charon (1601) started after 20 ms
> charon[1601]: 07[CFG] received stroke: add connection 'myvpn'
> charon[1601]: 07[CFG] added configuration 'myvpn'
> 
> 
> Why did you have to break things?
======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[INS-HSR]==

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2945 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190708/85d9b046/attachment.bin>


More information about the Users mailing list