Hi John,
We have some definite plans to introduce native systemd support
Any chance this can be a compile-time selection for those of us who don't
use systemd?
Definitely; that systemd specific IKE daemon will be completely
optional, and not the default. ipsec.conf based configuration and
Hello-
After much searching on the internet I am looking for a definitive answer from
the source.
I have successfully configured iOS devices to VPN into my StrongSwan test
environment in Amazon. I have also gotten the StrongSwan client to work on
Android 4.4.2 (which tells me my certificate
Hello all,
I have 2 gateways running Linux strongSwan U4.3.5/K2.6.32-526 configured for
IKEv2, net-to-net with MOBIKE enabled.
Gateway-A, the initiator, has 2 links. Gateway-B the responder, has only one
link. These are the IP addresses.
gateway-A_link1 = 172.19.78.72
gateway-A_link2 =
Hi Martin,
--On Friday, July 11, 2014 03:04:27 PM +0200 Martin Willi
mar...@strongswan.org wrote:
ipsec_starter[3318]: notifying watcher failed: Broken pipe
I got: no trusted RSA public key found for NAME
Btw, I don't think these two issues are directly related. While
asynchronous IPC
Dirk,
was there a change in 5.2 about charon asking for the certificate of
the peer? I can establish a connection when I add leftsendcert=yes to
the configuration of my roadwarrior.
None that I'm aware of. leftsendcert=ifasked was the policy ever since.
If I don't add it I get a connection
With this connection active it doesn't matter if I set rightsendcert to
ifasked or yes in the default section or the specific connection
section of my linux roadwarrior. I can't connect because charon doesn't
send a certificate request.
If I remove the conn section for win 7 eap, I can
Hi Martin,
--On Tuesday, July 15, 2014 01:52:45 PM +0200 Martin Willi
mar...@strongswan.org wrote:
With this connection active it doesn't matter if I set rightsendcert
to ifasked or yes in the default section or the specific connection
section of my linux roadwarrior. I can't connect
While testing ipsec ,it seems that with “ipsec stroke conn name”,
IKE_DELETE task is being queued on eNB but delayed by the ongoing dpd
re-transmission task. Is there any other way to administratively shutdown
the connection, overriding the dpd re-transmission task?
--
Regards
Nandagopal