Re: [strongSwan] Migration from OpenSWAN to StrongSWAN problem.

2018-12-04 Thread Tobias Brunner
Hi, > Dec  2 15:34:13 charon-custom: 11[ENC] generating IKE_SA_INIT request 0 > [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ] > ... > Dec  2 15:34:49 charon-custom: 10[ENC] parsed ID_PROT request 0 [ SA V V > V V V V V V ] strongSwan tries to initiate an IKEv2 connection, while the peer

[strongSwan] Migration from OpenSWAN to StrongSWAN problem.

2018-12-02 Thread K K
Hi, I have working IPsec tunnel between OpenSWAN on CentOS7 and third party partner company in Azure. The plan is to migrate OpenSWAN to StrongSWAN (Ubuntu) and retire CentOS box. Unfortunately configuration doesnt work and cant find the problem. My working config on OpenSWAN:   config

[strongSwan] Migration from OpenSwan to strongswan

2014-02-17 Thread Erich Titl
Hi folks I am a member of an embedded project investigating a move from OpenSwan to StrongSwan. I am pretty familiar with building OpenSwan for our platform, but completely unfamiliar with the StrongSwan build I our build environment we are using a makefile which is calling the original XSwan

Re: [strongSwan] Migration from Openswan to Strongswan

2011-05-12 Thread Pavel Arnošt
Hi, restart did not help. Do you have any suggestion? Thanks, Regards, Pavel Arnošt -- From: Pavel Arnošt pavel.arn...@valvera.cz Sent: Tuesday, May 10, 2011 5:00 PM To: users@lists.strongswan.org Subject: Re: [strongSwan] Migration from Openswan

[strongSwan] Migration from Openswan to Strongswan

2011-05-10 Thread Pavel Arnošt
Hi, I tried to migrate our Openswan VPN (2.6.21) to Strongswan VPN (4.5.1) on our CentOS 5 server. Openswan package is from official CentOS repository (openswan-2.6.21-5.el5_6.4), Strongswan package have been built from this spec file:

Re: [strongSwan] Migration from Openswan to Strongswan

2011-05-10 Thread Pavel Arnošt
] Migration from Openswan to Strongswan Hello Pavel, if you have iptables in place and you ping the internal interface of the VPN gateway then you need an INPUT/OUTPUT iptables rule to access that interface. Thus you'll need leftfirewall=yes lefthostaccess=yes If you have a MASQUERADING rule

Re: [strongSwan] Migration from Openswan to Strongswan

2011-05-10 Thread Andreas Steffen
Arnoštpavel.arn...@valvera.cz Cc:users@lists.strongswan.org Subject: Re: [strongSwan] Migration from Openswan to Strongswan Hello Pavel, if you have iptables in place and you ping the internal interface of the VPN gateway then you need an INPUT/OUTPUT iptables rule to access that interface. Thus

Re: [strongSwan] Migration from Openswan to Strongswan

2011-05-10 Thread Pavel Arnošt
] Migration from Openswan to Strongswan Hello Pavel, if you have iptables in place and you ping the internal interface of the VPN gateway then you need an INPUT/OUTPUT iptables rule to access that interface. Thus you'll need leftfirewall=yes lefthostaccess=yes If you have a MASQUERADING