Hello,
We have an IPsec connection between a Cisco 2800 series and a
strongSwan Linux box. Everything works fine when the Cisco
box initiates the connection, but when the strongSwan box
initiates the connection and the first algorithm in the
esp= line isn't supported by the Cisco we get
Hello all,
A little background. I am still trying to get a robust
solution for restarting IPsec connections. I asked this
a while ago:
https://lists.strongswan.org/pipermail/users/2009-January/003058.html
Martin helped out by pointing out the keyingtries=%forever
configuration parameter. This
Hello,
A while ago I asked about Linux Ipsec/Route interactions
(https://lists.strongswan.org/pipermail/users/2008-March/002320.html).
Andreas's response was very informative and I have put it under my
pillow at night and think I understand most of it.
One thing really doesn't make sense yet.
Hello all,
I have been running strongSwan for a while on some of my
networks and have been having a few stability issues. I am
working on getting to root cause on a few of them and was
wondering if other people are having these issues:
1.) DPD'd connections with dpaction=restart sometimes stop
Hello,
In November of 2008 I had an issue with Strongswan
being unable to add SAD entries in my IPv4 only kernel.
Martin made me a snazzy patch that fixed all my woes:
(https://lists.strongswan.org/pipermail/users/2008-November/002925.html)
I just upgraded from Strongswan 4.3.4 to 4.5.1 and my
if you have an old Linux kernel then just define
esp=aes128-sha256_96
and everything will be fine.
Drat! It worked! Thanks. I do believe I went the long way about
diagnosing that issue, but it works now.
Thanks Andreas,
Barry
___
Users
Hello,
I am having trouble with strongSwan 4.5.2 on the PowerPC platform.
Specifically I am getting a signal 11 in openssl_diffie_hellman_create.
Googling turned up
http://comments.gmane.org/gmane.network.vpn.strongswan.devel/610
which recommended I compile with -mlongcall. I added that to
Hi Tobias,
Thanks for the information. That is an interesting bug.
[1] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=11d6bc3e
I applied the patch (which did apply cleanly) and everything started working.
Thanks again for all the help,
Barry