Sorry, my bad, I've edited backup config file. If I execute command: >./ipsec --directory I get: /usr/local/libexec/ipsec So config file is in /usr/local/etc/
Now I edited /usr/local/etc/strongswan.conf, added routing_table=0 (without "charon." key) and netlink error is gone, great, thanks! However, there are some more errors: Oct 30 12:20:57 00[NET] installing IKE bypass policy failed Oct 30 12:20:57 00[NET] installing IKE bypass policy failed Oct 30 12:20:57 00[NET] enabling UDP decapsulation for IPv6 on port 4500 failed Oct 30 12:20:57 00[NET] installing IKE bypass policy failed Oct 30 12:20:57 00[NET] installing IKE bypass policy failed Oct 30 12:20:57 00[NET] enabling UDP decapsulation for IPv4 on port 4500 failed ... Oct 30 12:20:57 00[LIB] building CRED_CERTIFICATE - X509 failed, tried 3 builders Oct 30 12:20:57 00[CFG] loading ca certificate from '/usr/local/etc/ipsec.d/cacerts/caHisaCert.pem' failed (new log file: https://dl.dropboxusercontent.com/u/2261256/forums/ipsec/charon1.log) There is one thing that I forgot to mention: When I run "ipsec start" command, I get following messages: Starting strongSwan 5.1.0 IPsec [starter]... modprobe: chdir(2.6.32.12): No such file or directory modprobe: chdir(2.6.32.12): No such file or directory modprobe: chdir(2.6.32.12): No such file or directory modprobe: chdir(2.6.32.12): No such file or directory modprobe: chdir(2.6.32.12): No such file or directory So kernel modules probably didn't load properly I've tried to fix problem by adding following dir: >mkdir /usr/lib/modules/2.6.32.12 and copy modules to that dir >cp /usr/lib/modules/* /usr/lib/modules/2.6.32.12/ Now I get this error: ./ipsec start Starting strongSwan 5.1.0 IPsec [starter]... modprobe: can't open 'modules.dep': No such file or directory modprobe: can't open 'modules.dep': No such file or directory modprobe: can't open 'modules.dep': No such file or directory modprobe: can't open 'modules.dep': No such file or directory And I'm stuck again. Do you have any idea what's going on here ? which module files are missing, so I can try to load them by hand (insmod command) ? Thanks! On Wed, Oct 30, 2013 at 11:39 AM, Martin Willi <[email protected]>wrote: > > > I've added charon.routing_table=0 to strongswan.conf > > > 00[KNL] unable to create IPv4 routing table rule > > The option is not in effect; otherwise that error won't show up. Make > sure you edit the strongswan.conf that charon reads, an you use the > correct syntax (you can't write charon.routing_table as key, but have to > define the routing_table key in the charon section). See [1] for > details. > > Regards > Martin > > [1]http://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf > > >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
