# ipsec.conf - strongSwan IPsec configuration file
# basic configuration
config setup
# crlcheckinterval=600
# strictcrlpolicy=yes
# cachecrls=yes
# nat_traversal=yes
charonstart=yes
plutostart=yes
charondebug=dmn 2, mgr 2, ike 2, chd 2,
You must put the enumeration of log levels in double quotes:
charondebug=dmn 2, mgr 2, ike 2, chd 2, job 2, cfg 2, knl 2, net 2, enc
2, lib 2
Cheers
Andreas
On 07.10.2010 09:26, Olivier PELERIN wrote:
# ipsec.conf - strongSwan IPsec configuration file
# basic configuration
config setup
Playing with the ikev2 deamon,
I dont see strongwan using INITIAL_CONTACT. Googling on the internet, I see
it's was not supported down in 2008. Is it still the case? Are we going to
implement it? It's a nice feature in order to clean up sa's after a ungraceful
disconnect.
Cheers
Hi everybody,
I have a question concerning the validation of certificates when using
EAP-TLS (strongswan-4.5.0dr4). I've had a bit of trouble following the
example from the wiki while trying to set up an connection using EAP-TLS
as authentication. As it turned out this was due to the missing
No we still don't support INITIAL_CONTACT. Actually it is quite tricky
to implement.
Regards
Andreas
On 10/07/2010 10:33 AM, Olivier PELERIN wrote:
Playing with the ikev2 deamon,
I dont see strongwan using INITIAL_CONTACT. Googling on the internet, I
see it's was not supported down in 2008.
Hi Jessie,
the keep-alive interval can actually be configured, although, not on a
per-connection basis, by setting the charon.keep_alive option in
strongswan.conf. Regarding the IPsecWindowSize option, keep in mind
that the maximum window size currently supported by the Linux kernel is
32, which