.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
the
responder send a copy of that cert. Why is that?
The certificate request is not for a copy of the root CA but for
a certificate *issued* by the requested root CA.
Regards
Andreas
==
Andreas Steffen
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
but it is enforced on the
server side. Is there a way to do what I am trying to do?
Thanks in advance.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
--
==
Andreas
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640
tester plugin .
^^^ from what I see, this plugin has never supported DES.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
to do now, I really need your help, any one
could help me?
Thank you very much
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
to uninstall strongswan?
Thanks for your help
2014-08-19 12:36 GMT+08:00 Andreas Steffen
andreas.stef...@strongswan.org mailto:andreas.stef...@strongswan.org:
Hello Amysue,
you have to build strongSwan with
./configure --sysconfdir=/etc
Regards
Andreas
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
://wiki.strongswan.org/versions/52
Best regards
Tobias Brunner, Martin Willi, Andreas Steffen
The strongSwan Team
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640
problems
that you may encounter.
Best regards
Tobias Brunner, Martin Will Andreas Steffen
The strongSwan Team
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution
wrote:
Hi,
Need some info on MSK key derivation when strongswan uses EAP-MSCHAPv2
when used in Ikev2.
Any pointer or info will be helpful..
Thanks
Mukesh
==
Andreas Steffen andreas.stef
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
/users
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied
,
Rakesh Bansod
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
/mailman/listinfo/users
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
Andreas Steffen [mailto:andreas.stef...@strongswan.org]
Sent: Wednesday, April 02, 2014 1:00 PM
To: Gupta, Rohan 1. (NSN - IN/Bangalore); users@lists.strongswan.org
Subject: Re: [strongSwan] charon not sending DELETE payload
Hi Gupta,
if you are using the setkey command which is part of the ipsec
for which the RFC 3447 includes SHA-256.
Best Regards
Mugur
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet
, and charon doesn't tell, either. (Maybe
I am too blind to see?) Would it be possible to hardwire the mac
address in the certificate?
Every helpful response is highly appreciated
Harri
==
Andreas Steffen
in this regard is appreciated.
Regards,
Sriram.
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
--
==
Andreas Steffen
:3b:c8:a4:62:b3:06:61:7e:9a:c0
authkey: c3:59:68:a5:73:e8:b8:76:45:06:3b:c8:a4:62:b3:06:61:7e:9a:c0
Regards,
Sriram.
On Tue, Mar 4, 2014 at 6:49 PM, Andreas Steffen
andreas.stef...@strongswan.org mailto:andreas.stef...@strongswan.org
wrote:
Hi Sriram, could you post the output
our blog entry
http://www.strongswan.org/blog/2014/03/03/strongswan-5.1.2-released.html
Best regards
Tobias Brunner, Martin Willi, Andreas Steffen
The strongSwan Team!
==
Andreas Steffen andreas.stef
inacceptable
13[ENC] 1 generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
13[NET] 1 sending packet: from 30.30.30.21[500] to 30.30.30.11[500]
(36 bytes)
Regards,
Chinmaya
==
Andreas Steffen andreas.stef
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
tunnels per second. What I
understand, the ECDH is faster than MODP. Can anyone please suggest me
if I am missing anything?. Thanking you in advance for your support and
help.
Regards,
Chinmaya
==
Andreas Steffen
configuration.
Best
Mohsen
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University
lefthostaccess=yes
right=%any6
rightsourceip=10.10.10.0/24
rightauth=pubkey
keyexchange=ikev1
Config mode is not activated.
Thanks for any help.
Regards.
==
Andreas Steffen
.
If cannot open strongswan.org now ?
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies
?
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
--
==
Andreas Steffen andreas.stef...@strongswan.org
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH
complete
printf functions.
Please test the release candidate and give feedback if you are
running into any problems. ETA for the stable 5.1.1 release is
November 1, 2013.
Cheers
Andreas Steffen, Tobias Brunner Martin Willi
The strongSwan Team
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
it be any consideration to do that or it is a straight forward task?
Thanks,
Farid
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
of my questions are answered before.
this time its urgent, please
thank you,
Rakesh
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution
packet: from 10.73.127.45[4500] to 10.43.135.221[4500]
/**/
Thanks
Naveen
==
Andreas Steffen andreas.stef...@strongswan.org
?
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
--enable-attr-sql
--enable-sql --enable-eap-gtc
Thanks,
Karl
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
three years so I am wondering if there is a better
way, now with version 5.1.0 and charon, to achieve this?
Thanks,
Jiehan
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
inconveniences.
Best regards
Tobias Brunner, Martin Willi, Andreas Steffen
The strongSwan Team
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution
check failed: identity xyz.mycompany.com required
selected peer config android inacceptable: constaint check failed
regards,
-smk
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux
and report any issues.
ETA for the stable 5.1.0 release is approximately the end of July.
Best regards
Tobias Brunner, Martin Willi, Andreas Steffen
The strongSwan Team
==
Andreas Steffen andreas.stef
=add
include /var/lib/strongswan/ipsec.conf.inc
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies
://lists.strongswan.org/mailman/listinfo/users
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies
, if there is both a DN and one
or more subjectAltName values, how does it choose which one to send?
Will it try them all?
Regards,
Daniel
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
for IKEv2 prior to 5.0.0.
I hope that is just a typo and it is fully supported in 5.0 going forward.
Amazon does not route ESP packets so this is the only way to do
transport mode in the same data center.
Thanks for the help,
Dan
On Sun, Jul 7, 2013 at 8:58 PM, Andreas Steffen
andreas.stef
with SPI
cc84aaa8 and reqid {1156}
Joshua J. Gross
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH
-eole.ac-dijon.fr
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied
-netlink': loaded successfully
-Bhargav
On Sat, Jun 1, 2013 at 3:17 AM, Andreas Steffen
andreas.stef...@strongswan.org mailto:andreas.stef...@strongswan.org
wrote:
Hi Bhargav,
The private key that you are trying to load is a PKCS#8 file,
a format being used by openssl 1
.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH
/mailman/listinfo/users
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
# ipsec listalgs, we can see the DES in the
list! So my questiion is WHY?
# ipsec listalgs
000 List of registered ESP Algorithms:
000
000 encryption: DES_CBC 3DES_CBC CAST_CBC BLOWFISH_CBC NULL AES_CBC
==
Andreas Steffen
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
Login incorrect.
Is there a way to make it work with an ldap authentication ? Ldap
plugins is loaded on my strongswan server.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN
Why should we?
Andreas
On 04/26/2013 11:16 PM, Noel Kuntze wrote:
Hello,
Is it planned to add support for CISCO's proprietary UDP encapsulation?
Regards,
Noel
==
Andreas Steffen andreas.stef
rightrsasigkey=%cert
auto=add
Could anyone tell me where the password must be set ? Or is there a way
to force my server asking for user's credentials each time ?
Thanks for you help.
--
==
Andreas
of TLS
(-1), TLS session fails.
Thu Apr 25 12:11:27 2013 : Auth: Login incorrect (TLS Alert
read:fatal:certificate unknown): [login] (from client serv-tests port 9
cli 192.168.110.65[4500])
==
Andreas Steffen
to it or something?
Regards,
Noel
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University
limits
me to.
Thanks, John
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
algorithms using strongswan but i didn't find these
algorithms : ecp_192,ecp_224,ecp_256,ecp_384 and ecp_521
please, i want to know if the strongswan supports it or no, if yes how
can i use it?
==
Andreas Steffen
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN
, Andreas Steffen
andreas.stef...@strongswan.org mailto:andreas.stef...@strongswan.org
wrote:
It seems as if you didn't have a CHILD_SA in the first place.
Didn't the IKE negotiation complete successfully or did the
peer delete the CHILD_SA because of inactivity (e.g. Windows clients
?
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
regards
Tobias Brunner, Andreas Steffen, Martin Willi
Reto Bürki, Reto Guadagnini, Adrian Rüegsegger
The extended strongSwan Team
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux
CRL is stale or not. If a CA
revokes a certificate immediately after successful CRL fetch, how long
does it take for Strongswan to make the Certificate stale . How can such
problems be avoided?
Thanks!
Jordan.
On Thu, Apr 4, 2013 at 9:08 PM, Andreas Steffen
andreas.stef
:
Hi,
What can I do on strongswan to keep a tunnel alive even if
there's no traffic flowing ? I've dpdaction set to restart. What
else can be done ?
Regards,
==
Andreas Steffen
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640
logs with username
'192.168.3.254' in my Radius accounting DB, so I worry about it should
be the correct username, or not, user's traffic accounting may be not
accurate.
--
Kris
On Sat, Apr 6, 2013 at 10:43 PM, Andreas Steffen
andreas.stef...@strongswan.org mailto:andreas.stef
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
./
/
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH
-optimal RAID status
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University
IKE packets.
ikedscp = 00 | DSCP field
Please test our release candidate and report any problems. ETA for
the stable 5.0.3 release is end of March 2013.
Kind regards
Andreas
==
Andreas Steffen
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
9 17:28:43 charon: 09[NET] sending packet: from 192.168.20.126[500] to
192.168.20.112[500] (76 bytes)/
Regards,
Rashid
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN
://www.strongswan.org/docs/Steffen_Klassert_Parallelizing_IPsec.pdf
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet
actual configuration?
in positive case ¿ is there another way to add the eap-radius plugin?
thanks in advance.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
error when I try to connect with an iPhone or the GreenBow
VPN client, so I guess there must be something wrong on the server side.
How can I fix this? What else can I test?
Lars
==
Andreas Steffen
? If that exists then I could just have a cron
which periodically tells charon to re-check it.
Thanks.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences
PF_KEY messages in IPv4+IPv6
environment?
It doesnot work on my setup, although IPv4 or IPv6 works just fine.
Thanks,
Jay
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
source using the Intel rdrand instruction found on Ivy
Bridge processors.
Enjoy the release candidate and please report back any issues
encountered so that we can fix them before the final release.
Best regards
Andreas
==
Andreas
] IKE_SA deleted
I/charon (17492): 00[LIB] intentionally leaking private key reference
due to a bug in the framework
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences
/plugins/openssl/openssl_pkcs7.c:24:25:
fatal error: openssl/cms.h: No such file or directory.
Any idea?
Thanks
Andy
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
this?
Thanks
Andy
On Thu, Jan 3, 2013 at 9:30 AM, Andreas Steffen
andreas.stef...@strongswan.org mailto:andreas.stef...@strongswan.org
wrote:
Hello Andy,
our instructions recommend to get the openssl code and header
files from our repository:
The openssl Directory
if necessary.
Do you have an idea if there is some wrong configuration on my side?
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
201 - 300 of 946 matches
Mail list logo