Hi,
it seems as if you messed up your public key infrastructure:
your end entity certificate is
'C=AU, ST=QLD, O=Mincom Pty. Ltd., OU=rvce, CN=ishan, e=is...@gmail.com'
but you no matching private key is found either because the private key
file defined in /etc/ipsec.secrets
: RSA myKey.pem "
hello ..
i am new in using strongswan. plz help me setting host-host case.. I am
getting problem in executing command "ipsec up host-host"
RESULT IS:
[r...@sun etc]# ipsec start
Starting strongSwan 4.2.11 IPsec [starter]...
[r...@moon etc]# ipsec restart
Starting strongSwan 4.2.11 IPsec [starter
Hi Gerd,
the cause for the segfault is the call of the function
state.c:delete_states_by_connection() in ipsec_doi.c:dpd_timeout()
http://wiki.strongswan.org/browser/trunk/src/pluto/ipsec_doi.c#L5615
which deletes the connection c if it has been instantiated
http://wiki.strongswan.org/brows
Adam French wrote:
> Does anyone have any success getting a LAN-to-LAN tunnel up and working
> with Juniper? The requirement has StrongSwan as the initiator and
> Juniper as the Responder. I can get it to work with PSK authetication
> and only when the initiator has a static IP. However, I have
j.witvl...@mindef.nl wrote:
> Secondly, apperently the pem file for the ca must be /etc/ssl/cert.pem
> (for openSUSE apperently...)
> At least now i get an "ok" if i do a "openssl verify client1Cert.pem or
> any other certificate!
Hi Hans,
I don't believe that the CA pem file has to be in /etc/ssl
Hi,
Does anyone have any success getting a LAN-to-LAN tunnel up and working
with Juniper? The requirement has StrongSwan as the initiator and
Juniper as the Responder. I can get it to work with PSK authetication
and only when the initiator has a static IP. However, I have had no
success with any
Hi,
> Where in the quellcode can I change this value?
You'll find these constants in src/charon/sa/task_manager.h:
ROUTEABILITY_CHECK_INTERVAL: Interval to do the checks
ROUTEABILITY_CHECK_TRIES: Number of checks before giving up
Regards
Martin
___