On Sat, 13 Jan 2024 at 18:13, Bill Atwood <williamatwoo...@gmail.com> wrote: > > ?? > > I do not understand your reply.
Offhand, it looks like the connection should match: conn RITA6c left=fd51:20d9:5ad2:b::2 leftid="CN=Ritchie Certificate" leftrsasigkey=%cert leftcert=RIcert right=fd51:20d9:5ad2:b::1 rightid="CN=Tarjan Certificate" rightrsasigkey=%cert auto=add the interface: 2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000 inet6 fd51:20d9:5ad2:b::2/64 scope global valid_lft forever preferred_lft forever inet6 fe80::21a:a0ff:fe15:62b8/64 scope link valid_lft forever preferred_lft forever yet the output indicates that it couldn't vis: "RITA6c": we cannot identify ourselves with either end of this connection. fd51:20d9:5ad2:b::2 or fd51:20d9:5ad2:b::1 are not usable Two things to try: - confirm that librreswan is listening on those interfaces vis: ipsec status | grep interface - drop the auto=add from the connection and then run: ipsec add RITA6c ipsec up RITA6c manually and confirm the problem persists. > Libreswan refused to set up the connection, saying that > "fd51:20d9:5ad2:b::2 or fd51:20d9:5ad2:b::1 are not usable". > > Bill > > On 1/13/2024 5:54 PM, Tuomo Soini wrote: > > On Sat, 13 Jan 2024 16:56:29 -0500 > > Bill Atwood <williamatwoo...@gmail.com> wrote: > > > >> (continued from " 5.0 RC1 connection not found", with changed > >> subject, because this is a new error). > >> > >> After renaming RITA6C to RITA6C.conf, I ran: > >> > >> sudo ipsec add RITA6c > >> > >> which reported that an IPsec connection had been established. > >> > >> However: > >> > >> ip addr show > >> > >> did *not* show the new interface. Subsequently running > > > > There is no interfaces for IPsec with XFRM by default. So your test > > worked just fine without any problems. > > > > _______________________________________________ > Swan-dev mailing list > Swan-dev@lists.libreswan.org > https://lists.libreswan.org/mailman/listinfo/swan-dev _______________________________________________ Swan-dev mailing list Swan-dev@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-dev