Re: [strongSwan] No capable fetcher found

:46 vpn6-test pluto[28289]: cisco-vpn[1] 192.168.1.180:59907 #1: X.509 certificate rejected regards, Claude On Thursday 24 June 2010 12:58:17 Andreas Steffen wrote: Here a follow up comment: If you are *not* using an explicit pluto.load statement then do not forget to execute make clean

Re: [strongSwan] DNS servers not pushed to client

server = my-freeradius-server } } dns1 = 192.168.1.28 dns2 = 192.168.1.15 } Any ideas to correct this issue ? many thanks Claude -- == Andreas Steffen andreas.stef...@strongswan.org

Re: [strongSwan] Private key not found

strongswan 4.3.2 and Debian has an include directive in ipsec.secrets. Taking that out solves the problem. Odd that pluto handled that though. Thanks, Shane On Tue, Jun 22, 2010 at 11:49:18AM +0200, Andreas Steffen wrote: Hi Shane, the first output comes from the IKEv1 pluto daemon who finds

Re: [strongSwan] does Strongswan 4.3.6 support PAT - Transport Mode?

wrong. Could you please help me? Thanks, Cristina == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet

Re: [strongSwan] DNS servers not pushed to client

L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473 -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet

Re: [strongSwan] How to test DPD

... Kindly help me out,how to test and verify this setup .. what are the steps that i have to followed for testing... Thanks in Advance Regards, Dhanavel -- == Andreas Steffen andreas.stef

Re: [strongSwan] payload order checking

processed if all the sections are present? 2. Is this something that has been changed in later versions? - I am using version 4.1.10 Thank you == Andreas Steffen andreas.stef...@strongswan.org strongSwan

Re: [strongSwan] Error while using ipsec up connection name

main Thanks in advance Regards Dhanavel -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies

Re: [strongSwan] Connectio breakdown on activating another

issue `ipsec stroke up dave6`, the dave6 connection is brought up and at the same time, dave4 is killed. Why would that be? thanks, Jan == Andreas Steffen andreas.stef...@strongswan.org strongSwan

Re: [strongSwan] Error Generating a host or user certificate

not use or disseminate the information, notify the sender and delete it from your system. -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution

Re: [strongSwan] Intermediate CAs - ordering important?

]: srx #5: sending encrypted notification INVALID_KEY_INFORMATION to 10.0.81.82:500 -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org

Re: [strongSwan] Intermediate CAs - ordering important?

a bit worried what's correct... Holger Am 2010-06-15 20:18, schrieb Andreas Steffen: Hi Holger, as far as I remember pluto supports the import of intermediate CA certificates received via IKEv1 only if the are embedded together with the end entity certificate in a PKCS#7 envelope

Re: [strongSwan] Integrity Algorithm NONE

strongswan? Thanks Jamie Knight (rjkni...@us.ibm.com) IBM Power Firmware Development (512) 286-7017 (t/l 386-70 office 045/2A-01 IBM Austin, TX == Andreas Steffen andreas.stef...@strongswan.org strongSwan

Re: [strongSwan] (no subject)

. Best regards Peter == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications

Re: [strongSwan] IKE algorithms

-- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

Re: [strongSwan] IPsec Testing

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH

Re: [strongSwan] strongSwan LinuxTag Workshop on Friday June 11, 12:00-13:00 hours

Here is the final announcement for the workshop: http://www.linuxtag.org/2010/de/program/freies-vortragsprogramm/vortragsliste.html?talkid=643 See you in Berlin Andreas == Andreas Steffen andreas.stef

Re: [strongSwan] Help

. __ ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -- == Andreas Steffen

[strongSwan] strongSwan LinuxTag Workshop on Friday June 11, 12:00-13:00 hours

. == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

Re: [strongSwan] Visit strongSwan at LinuxTag 2010 in Berlin

just drop us an email. On 06/03/2010 12:12 AM, Daniel Mentz wrote: Andreas Steffen wrote: Visit us at our booth 115 in hall 7.2b and attend the strongSwan workshop which will be scheduled either on Friday June 11 or Thursday June 10. We will post the exact time as soon as the information

Re: [strongSwan] How to disable ctrl-c for strongswan?

is running and I tried to ping a destination, after I pressed ctrl-c to stop pinging, strongswan process stops as well. How to disable this? Thanks! ^^ B.R. Jessie == Andreas Steffen andreas.stef

Re: [strongSwan] support for md5-des

as md5-des, I am getting following error: “ ike_alg: crypter DES_CBC not present.” Any pointers as to how to overcome the above problem. Regds Anil == Andreas Steffen andreas.stef...@strongswan.org

Re: [strongSwan] upgrade to 4.4.0 and virt ip-address-pool

ideas? Thanks Peter == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University

Re: [strongSwan] routing between strongswan clients

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

Re: [strongSwan] SQL and esp/ike setting

? == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

Re: [strongSwan] Strongswan with Cisco Client

://lists.strongswan.org/mailman/listinfo/users -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies

Re: [strongSwan] configuring charon with installpolicy=no

: ESP(spi=0xcc7636fb,seq=0x3), length 132 11:33:14.443468 IP 20.0.0.1 40.0.0.1: ESP(spi=0xcb7751d6,seq=0x3), length 132 thanks alot -Original Message- From: ext Andreas Steffen [mailto:andreas.stef...@strongswan.org] Sent: Wednesday, May 19, 2010 11:27 AM To: Ayyash, Mohammad (NSN

Re: [strongSwan] Charon refuses to start

scheduled (5sec) May 18 11:45:24 vpn6-test ipsec_starter[26263]: charon refused to be started ... Any ideas to this error ? thanks a lot in advance for your answers greetings, Claude == Andreas Steffen

Re: [strongSwan] configuring charon with installpolicy=no

to find it? why is that? Solution (B): Is there a way to control the order at which Charon installs SPD policies? == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux

Re: [strongSwan] configuring charon with installpolicy=no

before it started IKE negotiation, but it is not able to find it? why is that? Solution (B): Is there a way to control the order at which Charon installs SPD policies? == Andreas Steffen

Re: [strongSwan] strongSwan + Windows 7 + IKEv2 + MSCHAPv2 (Username and password)

== Andreas Steffen e-mail: andreas.stef...@hsr.ch Institute for Internet Technologies and Applications Hochschule fuer Technik Rapperswil phone: +41 55 222 42 68 CH-8640 Rapperswil (Switzerland)mobile: +41

Re: [strongSwan] StrongSWAN - Cisco router IOS 12.4

have any idea, hints or anything, i'll greatly appreciate :) Thanks a lot François Van Ingelgom -- PCSOL == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution

Re: [strongSwan] How to configure more than one security gateway?

by domain name? Thanks! Best Regards, Jessie == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies

Re: [strongSwan] StrongSWAN - Cisco router IOS 12.4

machine and right is the remote one, is that correct? Thanks for your help, i'll post what you asked tomorrow. François Van Ingelgom -- PCSOL Le 11 mai 2010 à 17:08, Andreas Steffen a écrit : Hello François, I don't see anything special in your configuration file except that it looks

Re: [strongSwan] Is there possible for strongswan to support IKEv1 and IKEv2 at the same time at the same host?

Daniel, you are right of course! Thanks Andreas On 05/07/2010 09:00 AM, Daniel Mentz wrote: Andreas Steffen wrote: in the default configuration the pluto daemon binds to the UDP ports 500 and 4500 whereas the charon daemon uses a raw socket with Linux Socket Filter (LSF) rules filtering

Re: [strongSwan] How to use the strongswan library as API calls to strongswan so

Hi, As you might have noticed in the strongswan-4.4.0 release all IKEv2 functionality is now in the libcharon library and the charon daemon is just a rump process. Thus it should be easy to write an application yourself using the libcharon, libhydra, and libstrongswan. It is also possible to

Re: [strongSwan] Is there possible for strongswan to suppor t IKEv1 and IKEv2 at the same time at the same host？

, is there possible we use Racoon for IKEv1 and Charon for IKEv2 on the same host? Thanks. == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution

[strongSwan] ANNOUNCE: strongswan-4.4.0 released

The ipsec pki --gen and --pub commands now allow the output of private and public keys in PEM format using the --outform pem command line option. Enjoy our new release! Best regards Andreas Steffen, Tobias Brunner Martin Willi the strongSwan

Re: [strongSwan] how can I see some traffic statistics from Strongswan?

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil

Re: [strongSwan] Compatibility

running checkpoint * F5 * Thales TCE (Or is compatibility such a silly question not worthwhile mentioning on web-page?) Kind regards, Hans == Andreas Steffen andreas.stef

Re: [strongSwan] failed to create a builder for credential type CRED_CERTIFICATE, subtype (1)

: - To: eric.hernan...@allegiantair.com From: Andreas Steffen andreas.stef...@strongswan.org Sent by: users-bounces+eric.hernandez=allegiantair@lists.strongswan.org Date: 04/26/2010 09:42PM Cc: users@lists.strongswan.org Subject: Re: [strongSwan] failed to create a builder

Re: [strongSwan] failed to create a builder for credential type CRED_CERTIFICATE, subtype (1)

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

[strongSwan] ANNOUNCE: strongswan-4.4.0rc1

release is the beginning of May. Best regards from the strongSwan team Andreas Steffen, Tobias Brunner Martin Willi == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution

Re: [strongSwan] Trying a basic peer to peer ipsec setup with strongswan and is failing due to some key related issue

in the foreground using ipsec start --nofork Regards Martin == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies

Re: [strongSwan] IKEv1 - Message-IDs during phase 1 for encrypted Notify messages

? I can't figure it out from RFCs. Great thanks in advance! Best regards, Vladimir Podobaev == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution

Re: [strongSwan] Trying a basic peer to peer ipsec setup with strongswan and is failing due to some key related issue

Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied

Re: [strongSwan] Problem configuring strongSwan

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences

Re: [strongSwan] support for pfkey

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

Re: [strongSwan] Problem configuring strongSwan

stop pluto !!! ipsec starter stopped what this means? Regards Pankaj Gupta On Thu, Apr 15, 2010 at 8:01 PM, Andreas Steffen andreas.stef...@strongswan.org mailto:andreas.stef...@strongswan.org wrote: Hi Pankaj, could you start the pluto daemon without forking with the command

Re: [strongSwan] IPv6 Addresses

address to every host. thanks in advance Claude == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies

Re: [strongSwan] Questions regarding AH protocol usage

authentication replaces authentication in ESP. Regards Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet

Re: [strongSwan] Can't connect with chained certificates

) ] Apr 10 23:18:46 mailproxy charon: 14[NET] sending packet: from ***.***.***.***[4500] to +++.++.+++.+++[17619] == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution

Re: [strongSwan] Questions regarding AH protocol usage

with these questions. Thanks, Mohit Best regards Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet

Re: [strongSwan] New Problems with Juniper SRX after FW Upgrade - INVALID_ID_INFORMATION

]: | state transition function for STATE_MAIN_I3 failed: INVALID_ID_INFORMATION Apr 9 09:13:58 id-soft pluto[29125]: | next event EVENT_RETRANSMIT in 3 seconds for #1 Br Daniel == Andreas Steffen

Re: [strongSwan] Problem in stack when crl updation is done

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

Re: [strongSwan] Problem in stack when crl updation is done

and not the new crl in which the certificate is revoked. I think there is some problem in the parsing of the crl list as the crl list is not completely parsed? Thanks for your help in advance. Regards, Vivek == Andreas Steffen

Re: [strongSwan] need help for host2host-cert setup

/ipsec.secrets' Mar 25 05:11:37 plm56 charon: 16[CFG] loaded private key file '/etc/ipsec.d/private/newkey.pem' plm56:~/abhishek # On Wed, Mar 24, 2010 at 7:07 PM, Andreas Steffen andreas.stef...@strongswan.org wrote: Execute ipsec rereadsecrets and look for error messages in the log. It might

Re: [strongSwan] Can not establish ipsec tunnel between racoon and strongswan(pluto)

=10.1.0.0/16 http://10.1.0.0/16 leftfirewall=yes right=%any authby=secret auto=add thanks, Xia Weizhong == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN

Re: [strongSwan] strongswan with EAP-OTP support

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil

Re: [strongSwan] need help for host2host-cert setup

for newcert.pem and newkey.pem Please take a look at these and let me know what more should I do to get through. regards Abhishek Misra == Andreas Steffen andreas.stef...@strongswan.org strongSwan

Re: [strongSwan] ipsec pki --gen failed

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

Re: [strongSwan] Win7 client not finding machine certificate

in the same network enviroment behind the same router on the same machine. I'd really appreciate any ideas, hints, suggestions or help. Thanks a lot in advance. So long, matthias == Andreas Steffen

Re: [strongSwan] PKCS#10 file format with ipsec pki -req

format with strongSwan commands? Does this command accept both DER and PEM as private key RSA input file (--in) ? Thank you Mugur == Andreas Steffen andreas.stef...@strongswan.org strongSwan

Re: [strongSwan] PKCS#10 file format with ipsec pki -req

Mugur == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied

Re: [strongSwan] Certificates in cacerts directory

Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied

Re: [strongSwan] Please help - Using strongSwan to connect to CheckPoint VPN-1

the connection automatically. man ipsec.conf for details. Regards Martin == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute

Re: [strongSwan] Please help - Using strongSwan to connect to CheckPoint VPN-1

, then is it a case of posting the sys.log errors for someone to kindly look at I appreciate anyone's help and time with this. Regards, Jana == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux

[strongSwan] Full SHA-2 IPsec support with strongSwan 4.3.6 and Linux kernel 2.6.33

a 2.6.33 kernel :-) Best regards Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies

Re: [strongSwan] Reread of CA certificates, CRL checking

to 192.168.150.136:500 == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University

Re: [strongSwan] Certificates in cacerts directory

fetched via hash-and-url from a http server must be in binary DER, too. Thank you Mugur Best regards Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution

Re: [strongSwan] Loading CRLs from file

leftcert=/home/vivek/vivek/linux_pc_90_1/cert.pem rightid=%any auto=add Thanks for your inputs in advance. Regards, Vivek Best regards Andreas == Andreas Steffen andreas.stef

Re: [strongSwan] Problem with CRLs

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences

Re: [strongSwan] Diffie Hellman groups in Cisco routers

Router3845). The Cisco is configured with group2 Diffie Hellman - someone know which protocol it corresponds?to setup correctly my StrongSwan? Thank you so much, nm == Andreas Steffen andreas.stef

Re: [strongSwan] Documentation: IKEv2CipherSuites, Integrity Algorithms

number you allocated in the private use block. I do believe that interoperability does benefit from this documentation change. I can help out and take care of the changes if you let me. -Daniel == Andreas Steffen

Re: [strongSwan] Policies should be available in Kernel even though SA is not established!

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640

Re: [strongSwan] strongswan-4.3.6 errno 22: Invalid argument

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences

[strongSwan] ANNOUNCE: strongswan-4.3.6 released

Steffen, Martin Willi, Tobias Brunner == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies

Re: [strongSwan] Access to wiki

, Bjarke == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied

[strongSwan] ANNOUNCE: strongSwan 4.3.6 release candidate

-- strongSwan team member Tobias Brunner ported the IKEv2 charon daemon to the Android 1.6 platform. Details on the cross-compilation will follow. Best regards Andreas Steffen, Martin Willi, Tobias Brunner

Re: [strongSwan] 4.3.6dr5: Question about XFRM_MSG_DELPOLICY log message

in...@ip.a.dd.r was too long: 100 36 Is this something to worry about? What's the cause? Thanks in advance, Thomas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution

Re: [strongSwan] [strongswan] ipsec update with IKEv2

syslogd.c(134) pluto[9028]: conn2: deleting connection 362227 WAR 17:00:08 74ms syslogd.c(134) pluto[9028]: conn2 #2: deleting state (STATE_QUICK_I2) == Andreas Steffen andreas.stef...@strongswan.org strongSwan

Re: [strongSwan] Reqids in strongswan and umip

:) == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

Re: [strongSwan] Problems with network-manager-strongswan on Ubuntu Karmic

indicate where I should start to fix the problem. Any ideas? Anything obvious? (I whish there was...). Thanks, p...@rick Best regards Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan

Re: [strongSwan] use config in sqlite

explain what it is? thanks, Xia Weizhong Best regards Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute

Re: [strongSwan] use config in sqlite

2010/1/20 Andreas Steffen andreas.stef...@strongswan.org mailto:andreas.stef...@strongswan.org Xia Weizhong wrote: Hi I plan to use strongswan in an Embeded environment. My plan is to use charon alone with libstrongswan (no starter), and with configs stored

Re: [strongSwan] use config in sqlite

in the database? There are currently some parameters that cannot be defined in the database. thanks, Xia Weizhong Best regards Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux

Re: [strongSwan] standard support

Elliptic Curve Groups in IKEv2CipherSuites. http://wiki.strongswan.org/wiki/1/IKEv2CipherSuites Thanks ^^ --- 10/1/14 (四)，Andreas Steffen andreas.stef...@strongswan.org 寫道： 寄件者: Andreas Steffen andreas.stef...@strongswan.org 主旨: Re: [strongSwan] standard support 收件者

Re: [strongSwan] rightid=%any or wild characters - ikev1 not working

with the DN of the remote peer certificate. Is it possible to make ikev1 work with the above way of specifying rightid ? Thanks Regards, Ashish. == Andreas Steffen andreas.stef...@strongswan.org

Re: [strongSwan] no acceptable traffic selectors found

...@bartsimpson.sytes.net auto=add conn nat-t leftsubnet=192.168.25.0/24 right=%any rightsubnet=192.168.26.0/24 rightsourceip=192.168.20.0/24 auto=add -- == Andreas

Re: [strongSwan] standard support

related standards, does strongswan supports all standards in http://wiki.strongswan.org/wiki/1/IpsecStandards#IPsec-and-related-standards ? Thanks for your help! == Andreas Steffen andreas.stef

Re: [strongSwan] no ipsecN interface error when using NETKEY

-- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied

Re: [strongSwan] Cryptographic Hardware

) and layer 2 Kasumi encryption/decryption. But I have no idea how to integrate strongswan( or openssl??) to take advantage of the offload engines. Do you have any idea? Thanks!!! Regards, Jessie == Andreas Steffen

Re: [strongSwan] NAT problem

correct? If this is true, how the destination end reconstructs the outer IP header? Could you provide an example? Thanks ! ^__^ == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux

Re: [strongSwan] Regarding CN as left/rightid

in the certificate as a subjectAlternativeName. Not sure about e-mail addresses and IP addresses, though. -Daniel == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution

Re: [strongSwan] NAT problem

negotiation procedures and all following IPsec traffic communication between two ends? And floating to port 4500 is necessary with NAT device? Thanks in advance!! == Andreas Steffen andreas.stef

Re: [strongSwan] feature request: Give a hint if --enable-eap-mschapv2 is not set

and recompile Also, I think the autoconf script should complain if I enable eap-mschapv2 but not md4 at the same time. Should we add this hint also to the wiki page? I think we should. Thanks -Daniel == Andreas Steffen

Re: [strongSwan] [strongswan]IPSEC Null Encryption

. == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

Re: [strongSwan] [strongswan]INVALID_ID_INFORMATION

and emailAddress RDNs or even better just omit the emailAddress in the subject DN because this is bad practice anyway. Best regards Andreas Andreas Steffen wrote: Dear Ashish, there is an error in the rightid definition. The correct syntax is rightid=C=IN, ST=KAR, O=X, OU=, CN=FTM

Re: [strongSwan] how to config manual mode

wrote: hi: i am a beginner of strongswan , now i want to config a ipsec tunnel use manual mode beside the ike exchange. does the strongswan support the function ? if it does, how can i config it. thanks . == Andreas Steffen

Re: [strongSwan] Problems with conneting to stongSwan server from Win 7

== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland

<    3   4   5   6   7   8   9   10   >