Re: [strongSwan] strongswan with ocf or hardware accelator

2010-06-03 Thread Dimitrios Siganos
Jayasri Sangu wrote: > > Hi All, > > > >We are trying to implement the strongswan on our > embedded product with freescale processor. > > > > Because of limitations of our processor we can't use the software > encryption. Is there any way the strongswan supports hardware > acc

[strongSwan] strongswan with ocf or hardware accelator

2010-06-03 Thread Jayasri Sangu
Hi All, We are trying to implement the strongswan on our embedded product with freescale processor. Because of limitations of our processor we can't use the software encryption. Is there any way the strongswan supports hardware acceleration? Thanks for your help Jayasri Sangu

Re: [strongSwan] Net2net and ip policy

2010-06-03 Thread Makai Zsolt
Hi, Sorry, I found it! It is working... An iptables command was left, which is prohibited! Thank you! Zsolt -Original Message- From: users-bounces+makai.zsolt=etv...@lists.strongswan.org [mailto:users-bounces+makai.zsolt=etv...@lists.strongswan.org] On Behalf Of Makai

Re: [strongSwan] [strongSwan IKEv2] Issue in CA certificate updates

2010-06-03 Thread Sajal Malhotra
Hi Martin, Thanks for the clarification. If not possible to trigger the flush externally, then when does that stack flush these certificates automatically? Regards Sajal On Thu, Jun 3, 2010 at 1:58 PM, Martin Willi wrote: > Hi, > > > This is incorrect as the Certificate of peer is signed by pre

[strongSwan] Net2net and ip policy

2010-06-03 Thread Makai Zsolt
Hi, Please, help me! I have got two strongswan servers and the connection is ok. I must put a router between "left" and "leftsubnet": Before: 192.168.100.0/22===x.x.x.186---x.x.x.230===192.168.11.0/24 Now: 192.168.100.0/22==={router 192.168.100.254-x.x.x.185}===x.x.x.186---x.x.x.230===192.168.11.

[strongSwan] How to disable ctrl-c for strongswan?

2010-06-03 Thread Jessie Liu
Dear all, When strongswan process is running and I tried to ping a destination, after I pressed ctrl-c to stop pinging, strongswan process stops as well. How to disable this? Thanks! ^^ B.R. Jessie

Re: [strongSwan] charon: 11[IKE] no private key found for 'bla-bla-bla'

2010-06-03 Thread Daniel Mentz
sftf wrote: > Connection stops with "charon: 11[IKE] no private key found for..." followed > by gateway's cert ID. > Private gateway's key is in /etc/ipsec.d/private/gw.superprime.ru-key.pem and > not encrypted. > Looks like strongswan didn't "see" private key gw.superprime.ru-key.pem. Putting yo

[strongSwan] charon: 11[IKE] no private key found for 'bla-bla-bla'

2010-06-03 Thread sftf
Help me please with the following error. I try to connect from Win7 client with IKEv2 to Debian strongswan 4.2.4 gateway. Connection stops with "charon: 11[IKE] no private key found for..." followed by gateway's cert ID. Private gateway's key is in /etc/ipsec.d/private/gw.superprime.ru-key.pem and not en

Re: [strongSwan] error: no default route - cannot cope with %defaultroute!!!

2010-06-03 Thread Martin Willi
Hi James, > I don't understand why it's saying cannot cope with %defaultroute!!! since > nowhere in the config does it specify %defaultroute The starter complains that it does not have a default route, even if you don't have such a config. But this warning won't harm. Regards Martin

Re: [strongSwan] strongswan network manager client using eap-radius

2010-06-03 Thread Claude Tompers
You assumed right. :) Ok I'll try to get it running with a proper ipsec.conf configuration without the network-manager plugin. thanks very much for your help kind regards Claude On Thursday 03 June 2010 10:08:48 Martin Willi wrote: > > > 16[IKE] EAP method EAP_MSCHAPV2 succeeded, no MSK esta

Re: [strongSwan] [strongSwan IKEv2] Issue in CA certificate updates

2010-06-03 Thread Martin Willi
Hi, > This is incorrect as the Certificate of peer is signed by previous CA > certificate, which has been deleted in step 4 above. The certificate is probably still in the cache, and therefore accepted. There is currently no way to flush the cache externally, you'll have to restart the daemon. R

Re: [strongSwan] strongswan network manager client using eap-radius

2010-06-03 Thread Martin Willi
> 16[IKE] EAP method EAP_MSCHAPV2 succeeded, no MSK established > > 14[IKE] verification of AUTH payload without EAP MSK failed Then I'd assume you are using FreeRADIUS :-). It does not include the MSK in MSCHAPv2 if used over EAP. IKEv2 however requires the MSK to calculate the AUTH payload.

Re: [strongSwan] strongswan network manager client using eap-radius

2010-06-03 Thread Martin Willi
> > I assume you're using MSCHAPv2 > 13[ENC] generating IKE_AUTH response 2 [ EAP/REQ/(25) ] I assumed wrong, your RADIUS server is offering PEAP (probably with MSCHAPv2 inside). strongSwan currently does not support PEAP, and it usually does not make a lot of sense to use it inside the protecte

Re: [strongSwan] strongswan network manager client using eap-radius

2010-06-03 Thread Martin Willi
Hi Claude, > Jun 3 08:21:38 vpn6-test charon: 10[IKE] received EAP_NAK, sending > EAP_FAILURE Seems that the client does not like the EAP method offered. I assume you're using MSCHAPv2, so double check that the client has the eap-mschapv2 and the eap-identity modules installed and loaded. For

Re: [strongSwan] strongswan network manager client using eap-radius

2010-06-03 Thread Claude Tompers
Hi Martin, On Thursday 03 June 2010 09:26:56 you wrote: > Hi Claude, > > > Jun 3 08:21:38 vpn6-test charon: 10[IKE] received EAP_NAK, sending > > EAP_FAILURE > > Seems that the client does not like the EAP method offered. I assume > you're using MSCHAPv2, so double check that the client has th

[strongSwan] strongswan network manager client using eap-radius

2010-06-03 Thread Claude Tompers
Hi, I'm trying to connect an Ubuntu client with the strongswan networkmanager-plugin to my strongswan VPN server, using the same configuration as for a Windows 7 client. The server is authenticated via certificate, the client is authenticated via eap-radius module. The Windows 7 client works fi