Hi Noel, Andreas Now my strongswan is working well now. Thank you verry much!
2014-08-19 13:28 GMT+08:00 Andreas Steffen <[email protected]>: > Hello Amysu, > > go into the strongswan source directory and execute > > make clean > ./configure --sysconfdir=/etc <any other options> > make > make install > > and the path pointing to the configuration files is changed from > /usr/local/etc to /etc. If you want you to clean up you can remove > the old configuration files: > > cd /usr/local/etc > rm -r ipsec.d swanctl ipsec.secrets ipsec.conf strongswan.conf > > Best regards > > Andreas > > On 08/19/2014 07:02 AM, [email protected] wrote: > > Hello Andreas, > > > > I have installed strongswan, how can change the sysconfdir, should I > > uninstall it first? I don't know how to uninstall strongswan? > > > > Thanks for your help > > > > > > 2014-08-19 12:36 GMT+08:00 Andreas Steffen > > <[email protected] <mailto:[email protected] > >>: > > > > Hello Amysue, > > > > you have to build strongSwan with > > > > ./configure --sysconfdir=/etc > > > > Regards > > > > Andreas > > > > On 08/19/2014 05:18 AM, [email protected] > > <mailto:[email protected]> wrote: > > > Hi Noel, > > > > > > I have checked the strongswan logs at /var/log/messages, and I > found > > > that it load the conf directory /usr/loca/etc, while I put all my > > conf > > > files at /etc, which I think cause my problem. > > > Is there any way that I can change the conf directory to /etc. > > > > > > Thanks, > > > > > > > > > 2014-08-18 21:16 GMT+08:00 Noel Kuntze <[email protected] > > <mailto:[email protected]> > > > <mailto:[email protected] <mailto:[email protected]>>>: > > > > > > Hello Amysue > > > > > > Please refer to [2] for a how-to for installing strongSwan. > > > Please note that some modules that could be necessary for your > setup > > > need to be compiled by giving the corresponding parameters to > > > ./configure. > > > > > > Regards, > > > Noel Kuntze > > > > > > GPG Key id: 0x63EC6658 > > > Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 > > > > > > Am 18.08.2014 um 15:12 schrieb [email protected] > > <mailto:[email protected]> > > > <mailto:[email protected] <mailto:[email protected]>>: > > >> I also want to know are there any special configurations to > > > install strongswan for ikev2 mobike? > > > > > >> For install strongswan to my pc, I just > > >> /./configure/ > > >> /make/ > > >> /make install/ > > >> / > > >> / > > >> Thanks, > > > > > > > > >> 2014-08-18 21:08 GMT+08:00 <[email protected] > > <mailto:[email protected]> > > > <mailto:[email protected] <mailto:[email protected]>> > > <mailto:[email protected] <mailto:[email protected]> > > > <mailto:[email protected] <mailto:[email protected]>>>>: > > > > > >> Hi Noel, > > >> The output of "ipsec statusall" is > > >> /Status of IKE charon daemon (strongSwan 5.0.2, Linux > > > 2.6.18-348.1.1.el5, i686):/ > > >> / uptime: 14 minutes, since Aug 18 18:21:46 2014/ > > >> / malloc: sbrk 135168, mmap 0, used 86616, free 48552/ > > >> / worker threads: 8 of 16 idle, 7/1/0/0 working, job queue: > > > 0/0/0/0, scheduled: 0/ > > >> / loaded plugins: charon aes des sha1 sha2 md5 random nonce > > > x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey pem > > > fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve > > > socket-default stroke updown eap-md5 eap-radius xauth-generic/ > > >> /Listening IP addresses:/ > > >> / 192.168.2.6/ <http://192.168.2.6/> <http://192.168.2.6/> > > >> / 12.12.1.203/ <http://12.12.1.203/> <http://12.12.1.203/> > > >> /Connections:/ > > >> /Security Associations (0 up, 0 connecting):/ > > >> / none/ > > > > > >> And, how do I enable logging[1] ? I don't use strongswan > > > much, So it feel difficult for me. > > >> Thank you again for your help > > > > > > > > > > > >> 2014-08-18 21:02 GMT+08:00 Noel Kuntze > > <[email protected] <mailto:[email protected]> > > > <mailto:[email protected] <mailto:[email protected]>> > > <mailto:[email protected] <mailto:[email protected]> > > > <mailto:[email protected] <mailto:[email protected]>>>>: > > > > > >> Hello, > > > > > >> Check your system log for errors and show us the output of "ipsec > > > statusall". > > >> Sometimes, it takes a couple of seconds for the daemon to load the > > > configuration. Waiting a bit can help in this case. > > >> The reason for this is, that all the ipsec commands are > asynchronous. > > >> If the configuration isn't loaded for a couple of seconds, please > > > enable logging[1]. > > >> StrongSwan can handle Mobike. It's a daemon thing, not a kernel > > thing. > > > > > >> [1] > > > > > > https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration > > > > > >> Regards, > > >> Noel Kuntze > > > > > >> GPG Key id: 0x63EC6658 > > >> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 > > > > > >> Am 18.08.2014 um 14:56 schrieb [email protected] > > <mailto:[email protected]> > > > <mailto:[email protected] <mailto:[email protected]>> > > <mailto:[email protected] <mailto:[email protected]> > > > <mailto:[email protected] <mailto:[email protected]>>>: > > >>> Hello, > > > > > >>> My OS is centos 5.9 and i have installed Linux strongSwan > > > U5.0.2/K2.6.18-348.1.1.el5. > > >>> After installation,i start strongswan: > > >>> ipsec start > > >>> then i up an connection: > > >>> ipsec up client > > >>> then I get an error:*no config named 'client'* > > >>> Actually, I define an connection in /etc/ipsec.conf. > > > > > >>> Below is my /etc/ipsec.conf > > > > > >>> /config setup/ > > >>> / strictcrlpolicy=no/ > > >>> / charonstart=yes/ > > >>> / > > >>> / > > >>> /conn %default/ > > >>> / ikelifetime=28800s/ > > >>> / keylife=28800s/ > > >>> / rekeymargin=3m/ > > >>> / keyingtries=3/ > > >>> / keyexchange=ikev2/ > > >>> / ike=3des-sha1-modp1024/ > > >>> / esp=3des-sha1/ > > >>> / > > >>> / > > >>> /conn client/ > > >>> / left=12.12.1.203/ <http://12.12.1.203/> > > <http://12.12.1.203/> <http://12.12.1.203/> > > >>> / leftsourceip=%config/ > > >>> / leftcert=client1_cert.pem/ > > >>> / leftid="/C=CN/ST=SH/O=CS/CN=IKEv2_Client1"/ > > >>> / right=11.11.11.200/ <http://11.11.11.200/> > > <http://11.11.11.200/> > > > <http://11.11.11.200/> > > >>> / rightid="/C=CN/ST=SH/O=CS/CN=11.11.11.200"/ > > >>> / rightsubnet=192.168.168.0/24 <http://192.168.168.0/24> > > <http://192.168.168.0/24> > > > <http://192.168.168.0/24> <http://192.168.168.0/24>/ > > >>> / auto=add/ > > >>> / > > >>> / > > >>> I have no idea what to do now, I really need your help, any one > > > could help me? > > >>> Thank you very much > > > > > > > > ====================================================================== > > Andreas Steffen > > [email protected] <mailto: > [email protected]> > > strongSwan - the Open Source VPN Solution! > > www.strongswan.org <http://www.strongswan.org> > > Institute for Internet Technologies and Applications > > University of Applied Sciences Rapperswil > > CH-8640 Rapperswil (Switzerland) > > > ===========================================================[ITA-HSR]== > > > > > > -- > ====================================================================== > Andreas Steffen [email protected] > strongSwan - the Open Source VPN Solution! www.strongswan.org > Institute for Internet Technologies and Applications > University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===========================================================[ITA-HSR]== > >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
