Andreas Steffen wrote:
in the default configuration the pluto daemon binds to the UDP ports 500
and 4500 whereas the charon daemon uses a raw socket with Linux
Socket Filter (LSF) rules filtering and forwarding IKE version 2
messages to the IKEv2 daemon. Thus it is no problem to use racoon
in
Daniel, you are right of course!
Thanks
Andreas
On 05/07/2010 09:00 AM, Daniel Mentz wrote:
Andreas Steffen wrote:
in the default configuration the pluto daemon binds to the UDP ports 500
and 4500 whereas the charon daemon uses a raw socket with Linux
Socket Filter (LSF) rules filtering and
Hi Tobias, Hi Martin,
thanks for your replies!
I fixed the issue of the missing md4 plugin. Now md4 is being successfully
loaded as plugin during startup of strongSwan:
01[DMN] loaded plugins: aes des sha1 sha2 md4 md5 fips-prf random x509 pubkey
xcbc hmac gmp stroke eap-identity eap-mschapv2
Hi again,
the response is just a little bit below:
A yes, haven't seen the first authentication round in the log.
Why does strongSwan not reply with IKE AUTH [Idr AUTH CERT EAP REQ/ID]
leftsendcert=never
Looks suspicious ;-). The example configuration uses
rightsendcert=never, which
Hi Bjarke,
I am not sure about that topic. But I think it is supported by strongSwan. I
can remember that I saw a configuration of strongSwan using a remote RADIUS
server for doing the authentication work. The configuration should made in your
strongSwan.conf file. If I am right, you should
Yeah, right. I already changed the ipsec.conf to:
leftsendcert=always
strongSwan generates now the IKE AUTH response IKE AUTH [Idr AUTH CERT EAP].
Now it's a step further but Win 7 still complains with the following message:
Error 13801: IKE authentication credentials are unacceptable
In Win
Hi
My question is specific to the usage of the strongswan shared object
which is generated after the build.
All the documentation I see in the website is for using the strongswan
command line utility only and for the IKE daemons but I also wanted to
explore If I can use the strongswan
Hi,
If I can use the strongswan defined API in the so library in my code
to do all the functionality supported
Yes. strongSwan has a generic utility and crypto library called
libstrongswan. It is used by many tools shipped with the strongSwan
distribution.
Starting with the recently released
Hi,
As you might have noticed in the strongswan-4.4.0 release all IKEv2
functionality is now in the libcharon library and the charon daemon is just a
rump process. Thus it should be easy to write an application yourself using the
libcharon, libhydra, and libstrongswan. It is also possible to