Hi Martin. Thanks for response. I've added charon.routing_table=0 to strongswan.conf and started strongswan. Things looks little better now, there are some new "plugin ... loaded successfully" messages at the beginning of log file, and after that there is netlink message again: Oct 30 10:56:35 00[KNL] known interfaces and IP addresses: Oct 30 10:56:35 00[KNL] lo Oct 30 10:56:35 00[KNL] 127.0.0.1 Oct 30 10:56:35 00[KNL] ::1 Oct 30 10:56:35 00[KNL] eth0 Oct 30 10:56:35 00[KNL] 192.168.2.100 Oct 30 10:56:35 00[KNL] fe80::211:32ff:fe18:5558 Oct 30 10:56:35 00[KNL] tun0 Oct 30 10:56:35 00[KNL] 10.8.6.1 Oct 30 10:56:35 00[KNL] received netlink error: Operation not supported (95) Oct 30 10:56:35 00[KNL] unable to create IPv4 routing table rule
You can see full log on: https://dl.dropboxusercontent.com/u/2261256/forums/ipsec/charon.log And here are my config files: https://dl.dropboxusercontent.com/u/2261256/forums/ipsec/ipsec.conf https://dl.dropboxusercontent.com/u/2261256/forums/ipsec/strongswan.conf I'm trying to setup ipsec VPN for iOS device, so I followed this guide: http://wiki.strongswan.org/projects/strongswan/wiki/IOS_%28Apple%29 Is something wrong with my config ? Thanks for your help. On Wed, Oct 30, 2013 at 9:45 AM, Martin Willi <[email protected]> wrote: > Hi Luka, > > > Oct 30 07:34:39 00[KNL] received netlink error: Operation not supported > (95) > > Oct 30 07:34:39 00[KNL] unable to create IPv4 routing table rule > > Oct 30 07:34:39 00[KNL] received netlink error: Operation not supported > (95) > > Oct 30 07:34:39 00[KNL] unable to create IPv6 routing table rule > > Most likely your kernel is missing IP policy routing > (IP_MULTIPLE_TABLES). > > > Where can I get filenames (?.ko) for the kernel modules, that are > required > > for strongswan > > If I remember correctly, IP policy routing can't be provided by a > module, but is an optional functionality of the kernel itself. > > So if you can't replace the kernel with one having that option, you > might consider the let charon install routes to the main table instead > of the dedicated routing table. This can be achieved by setting > charon.routing_table = 0 in strongswan.conf, see [1]. > > Regards > Martin > > [1]http://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf > > >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
