Hi, We are getting problem with ipsec connection in Centos7.4 Libreswan is unable to read the nssdir path /usr/local/platform/.security/ipsec instead always trying to only read /etc/ipsec.d Also, want to mention that /etc/ipsec.conf already has ipsecdir=/usr/local/platform/.security/ipsec which was working earlier with CentOS 7.3. In CentOS 7.3 libreswan-3.15-8.el7.x86_64 is used. In CentOS 7.4 libreswan-3.20-3.el7.x86_64 is used.
What has been changed in libreswan-3.20-3.el7.x86_64 packages? For overcoming the pluto related issue, I have done some changes in configuration file. I have removed the --stderrlog=directory in /etc/ipsec.conf And also replaced auth=esp and esp=aes128-sha1 with phase2alg=aes128-sha1 in /etc/ipsec.d/conf/71221031513.conf file . And manually started ipsec service. Please find the attachment for the ipsec status and ipsec verify. What is differnce between nssdir and ipsecdir if we are using in /etc/ipsec.conf file Is this ipsecdir has been replaced in new libreswan? Please help us to find the route cause. Thanks and Regards, Vyshnav.
ipsec_status
Description: ipsec_status
ipsec_verify
Description: ipsec_verify
_______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
