Re: [strongSwan] IKEv2 PFS disabled

2011-03-03 Thread Nicole Hähnel
set service ANY next end Cheers, Alexis -Original Message- From: Nicole Hähnel [mailto:m...@nicole-haehnel.de] Sent: 28-Feb-11 06:21 To: Alexis Salinas Subject: Re: [strongSwan] IKEv2 PFS disabled Hi, we are also trying to connect a FortiGate 50B to our

Re: [strongSwan] Strongswan with iphone

2010-10-25 Thread Nicole Hähnel
released because the first connection is not shut down properly. You can check the active leases using the command ipsec leases As a workaround expand the pool to several addresses e.g. by setting rightsourceip=172.27.xx.0/24 Regards Andreas On 24.10.2010 19:19, Nicole Hähnel

[strongSwan] Strongswan with iphone

2010-10-24 Thread Nicole Hähnel
Hi, I am trying to setup a vpn connection from an iphone with cert. The first connection works, but if I try to connect a second time, I do not get a virtual ip. 'iphone' already has an online lease, unable to assign address Tried to use a subnet as rightsourceip, but this does not work at

[strongSwan] strongswan 4.3.5rc1 and SLES10SP2

2009-10-28 Thread Nicole Hähnel
Hi, once again I can not build a strongswan rpm on sles10 sp2. kernel version: 2.6.16.60-0.42.5-smp libtool version: libtool-1.5.22-13.12 (no newer version available) Is it possible to fix this? Thank you! Nicole if /bin/sh ../../libtool --tag=CC --mode=compile gcc -DPACKAGE_NAME=\strongSwan\

Re: [strongSwan] Problems building strongswan on sles10

2009-03-26 Thread Nicole Hähnel
Martin Willi schrieb: Hi, I have still problems building strongswan on sles10sp2 with kernel 2.6.16.60-0.33. The problem persists since the last three versions of strongswan. A workaround is to change ltmain.sh in strongswan sources with /usr/share/libtool/ltmain.sh. Do you

[strongSwan] Problems building strongswan on sles10

2009-03-24 Thread Nicole Hähnel
Hi, I have still problems building strongswan on sles10sp2 with kernel 2.6.16.60-0.33. The problem persists since the last three versions of strongswan. A workaround is to change ltmain.sh in strongswan sources with /usr/share/libtool/ltmain.sh. ../../libtool: line 463: CDPATH: command not

[strongSwan] two installed tunnels for one connection ( ikev2 )

2009-02-18 Thread Nicole Hähnel
Hi, we changed the last days to ikev2 connections. Now we often have more than two tunnels for the same connection. Is this a config problem? Or is it a normal behavior? Thanks! Nicole ipsec statusall output: ffm02fw-bonn: 1.2.3.4[ffm02fw]...4.3.2.1[bonn] ffm02fw-bonn: CAs: C=DE, ST=Hessen,

Re: [strongSwan] Problems compiling strongswan 4.2.9 on SLES10SP2

2008-12-04 Thread Nicole Hähnel
builder probably changes your linux kernel header inclusion path. You can still replace the XFRM_MODE_TUNNEL defines by their numerical values. Regards Andreas Nicole Hähnel wrote: Hi, I changed the line and recompiled strongswan by hand. This works, but I have to build a rpm

Re: [strongSwan] Problems compiling strongswan 4.2.9 on SLES10SP2

2008-12-01 Thread Nicole Hähnel
Hi, I changed the line and recompiled strongswan by hand. This works, but I have to build a rpm for about 20 servers and that does not work. (spec attached) starterstroke.c: In function starter_stroke_add_conn: starterstroke.c:246: error: XFRM_MODE_TUNNEL undeclared (first use in this