Hello Martin
That’s good to know, were currently using VICI, if we run into issues and need
to switch to DAVICI, it should be easy.
-Original Message-
From: Martin Willi [mailto:mar...@strongswan.org]
Sent: Friday, September 08, 2017 12:02 AM
To: Modster, Anthony
Cc: users@lists.strong
One more question on the topic.
let’s say I have two default gateway like
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
0.0.0.0 10.10.1.1 0.0.0.0 UG1 00 eth0
0.0.0.0 10.10.2.1 0.0.0.0
Thanks for the clarification.
> On Sep 7, 2017, at 11:30 PM, Tobias Brunner wrote:
>
> Hi Jaehong,
>
>> The logic of get_route function in
>> /libcharon/plugins/kernel_netlink/kernel_netlink_net.c was ported to
>> differently than it is described above.
>
> Yes, that was changed with 3f4
On Freitag, 8. September 2017 13:07:25 CEST Tobias Brunner wrote:
> Hi Ric,
>
> > I managed to find the bug, wrong truncation still exists in latest
> > 4.4 kernel:
> >
> > https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/tr
> > ee/ net/xfrm/xfrm_algo.c?h=v4.4.87
>
> That'
Hi Ric,
> I managed to find the bug, wrong truncation still exists in latest
> 4.4 kernel:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/tree/
> net/xfrm/xfrm_algo.c?h=v4.4.87
That's only because you are using the kernel-pfkey plugin on Linux,
which you should not.
Hi guys, I managed to find the bug, wrong truncation still exists in latest
4.4 kernel:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/tree/
net/xfrm/xfrm_algo.c?h=v4.4.87
in line 242 I changed:
.icv_truncbits = 96,
to
.icv_truncbits = 128,
Now pings work fine no er
... and I now have an a NetworkManager defined VPN working.
Many thanks
A
On 8 September 2017 at 10:48, Tobias Brunner wrote:
> Hi Alex,
>
> > In my strongswan build, how do I tell NM to use eap-mschapv2?
> >
> > At the moment, by default its using eap-md5
>
> The server selects the EAP method
Hi Alex,
> In my strongswan build, how do I tell NM to use eap-mschapv2?
>
> At the moment, by default its using eap-md5
The server selects the EAP method. The only option the client has is
returning an EAP-Nak with the methods it supports/prefers. strongSwan
does so if the requested method
>From the Network manager web page, it says
You can use any password based EAP method supported by strongSwan
(MD5/GTC/MSCHAPv2)
So if I include "--enable-eap-gtc --enable-eap-md5 --enable-eap-mschapv2"
In my strongswan build, how do I tell NM to use eap-mschapv2?
At the moment, by default its
Hi Anthony,
> [...] and he didmention the possibility for using DAVICI.
> mention the possibility for using DAVICI. The problem at the time was
> Andreas lost the support person for this module. So we decided not to
> take the risk.
I don't think there is much of an issue here. I definitely will
10 matches
Mail list logo