Hi Andreas, I am getting below log in both the ubuntu 14.04 LTS machine.Please suggest me where I went wrong. Starting IKE charon daemon (strongSwan 5.1.2, Linux 3.13.0-32-generic, x86_64) May 19 17:16:20 necs101-desktop charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts' May 19 17:16:20 necs101-desktop charon: 00[CFG] loaded ca certificate "C=in, ST=karnataka, L=bangalore, O=netcloudsystems, OU=dev, CN=necs, E= [email protected]" from '/etc/ipsec.d/cacerts/strongswanCert.pem' May 19 17:16:20 necs101-desktop charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts' May 19 17:16:20 necs101-desktop charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts' May 19 17:16:20 necs101-desktop charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts' May 19 17:16:20 necs101-desktop charon: 00[CFG] loading crls from '/etc/ipsec.d/crls' May 19 17:16:20 necs101-desktop charon: 00[CFG] loading secrets from '/etc/ipsec.secrets' May 19 17:16:20 necs101-desktop charon: 00[LIB] loaded plugins: charon test-vectors aes rc2 sha1 sha2 md4 md5 rdrand random nonce x509 revocation constraints pkcs1 pkcs7 pkcs8 pkcs12 pem openssl xcbc cmac hmac ctr ccm gcm attr kernel-netlink resolve socket-default stroke updown eap-identity addrblock May 19 17:16:20 necs101-desktop charon: 00[LIB] unable to load 5 plugin features (5 due to unmet dependencies) May 19 17:16:20 necs101-desktop charon: 00[LIB] dropped capabilities, running as uid 0, gid 0 May 19 17:16:20 necs101-desktop charon: 00[JOB] spawning 16 worker threads May 19 17:16:20 necs101-desktop charon: 05[CFG] crl caching to /etc/ipsec.d/crls enabled May 19 17:16:20 necs101-desktop charon: 04[CFG] received stroke: add ca 'strongswan' May 19 17:16:20 necs101-desktop charon: 04[CFG] loaded ca certificate "C=in, ST=karnataka, L=bangalore, O=netcloudsystems, OU=dev, CN=necs, E= [email protected]" from 'strongswanCert.pem' May 19 17:16:20 necs101-desktop charon: 04[CFG] added ca 'strongswan' May 19 17:16:20 necs101-desktop charon: 09[CFG] received stroke: add connection 'host-host' May 19 17:16:20 necs101-desktop charon: 09[LIB] OpenSSL X.509 parsing failed May 19 17:16:20 necs101-desktop charon: 09[LIB] building CRED_CERTIFICATE - ANY failed, tried 1 builders May 19 17:16:20 necs101-desktop charon: 09[CFG] loading certificate from 'hostKey.pem' failed May 19 17:16:20 necs101-desktop charon: 09[CFG] added configuration 'host-host'
On Tue, May 19, 2015 at 4:40 PM, Priyaranjan Nayak < [email protected]> wrote: > Hi Andreas, > > I have got below syslogs from my machine. > > Starting IKE charon daemon (strongSwan 5.1.2, Linux 3.13.0-19-generic, > x86_64) > May 19 16:23:49 priya charon: 00[CFG] loading ca certificates from > '/etc/ipsec.d/cacerts' > May 19 16:23:49 priya charon: 00[CFG] loaded ca certificate "C=in, > ST=karnataka, L=bangalore, O=netcloudsystems, OU=dev, CN=necs, E= > [email protected]" from > '/etc/ipsec.d/cacerts/strongswanCert.pem' > May 19 16:23:49 priya charon: 00[CFG] loading aa certificates from > '/etc/ipsec.d/aacerts' > May 19 16:23:49 priya charon: 00[CFG] loading ocsp signer certificates > from '/etc/ipsec.d/ocspcerts' > May 19 16:23:49 priya charon: 00[CFG] loading attribute certificates from > '/etc/ipsec.d/acerts' > May 19 16:23:49 priya charon: 00[CFG] loading crls from '/etc/ipsec.d/crls' > May 19 16:23:49 priya charon: 00[CFG] loading secrets from > '/etc/ipsec.secrets' > May 19 16:23:49 priya charon: 00[LIB] building CRED_PRIVATE_KEY - RSA > failed, tried 5 builders > May 19 16:23:49 priya charon: 00[CFG] loading private key from > '/etc/ipsec.d/private/hostKey.pem' failed > May 19 16:23:49 priya charon: 00[LIB] loaded plugins: charon test-vectors > aes rc2 sha1 sha2 md4 md5 rdrand random nonce x509 revocation constraints > pkcs1 pkcs7 pkcs8 pkcs12 pem openssl xcbc cmac hmac ctr ccm gcm attr > kernel-netlink resolve socket-default stroke updown eap-identity addrblock > May 19 16:23:49 priya charon: 00[LIB] unable to load 5 plugin features (5 > due to unmet dependencies) > May 19 16:23:49 priya charon: 00[LIB] dropped capabilities, running as uid > 0, gid 0 > May 19 16:23:49 priya charon: 00[JOB] spawning 16 worker threads > May 19 16:23:49 priya charon: 03[CFG] crl caching to /etc/ipsec.d/crls > enabled > May 19 16:23:49 priya charon: 09[CFG] received stroke: add ca 'strongswan' > May 19 16:23:49 priya charon: 09[CFG] loaded ca certificate "C=in, > ST=karnataka, L=bangalore, O=netcloudsystems, OU=dev, CN=necs, E= > [email protected]" from 'strongswanCert.pem' > May 19 16:23:49 priya charon: 09[CFG] added ca 'strongswan' > May 19 16:23:49 priya charon: 10[CFG] received stroke: add connection > 'host-host' > May 19 16:23:49 priya charon: 10[LIB] OpenSSL X.509 parsing failed > May 19 16:23:49 priya charon: 10[LIB] building CRED_CERTIFICATE - ANY > failed, tried 1 builders > May 19 16:23:49 priya charon: 10[CFG] loading certificate from > 'hostKey.pem' failed > May 19 16:23:49 priya charon: 10[CFG] added configuration 'host-host' > > > > On Tue, May 19, 2015 at 4:03 PM, Andreas Steffen < > [email protected]> wrote: > >> Hi Priyaranjan, >> >> the links I sent you should be fine as a guidance for your host-host >> IPsec setup. If you run into any problems just send us the strongSwan >> log files. >> >> Regards >> >> Andreas >> >> On 19.05.2015 12:26, Priyaranjan Nayak wrote: >> >>> Hi Andreas, >>> >>> I have two machine i.e 192.168.1.116 and 192.168.1.118 and wanted to >>> setup the IPsec between these two machine. In my network one MODEM , >>> SWITCH and two machine are there.For more clarification of network, I >>> have attached the network diagram. I have tried the above link ,it's not >>> working for me . Please suggest me to setup the IPsec for my >>> network.Thanks for your quick reply. >>> >>> On Tue, May 19, 2015 at 1:38 PM, Andreas Steffen >>> <[email protected] <mailto:[email protected]>> >>> wrote: >>> >>> Hi Priyaranjan, >>> >>> here is an example for a host-host connection in IPsec tunnel mode: >>> >>> http://www.strongswan.org/uml/testresults/ikev2/host2host-cert/ >>> >>> and here in IPsec transport mode: >>> >>> http://www.strongswan.org/uml/testresults/ikev2/host2host-transport/ >>> >>> Regards >>> >>> Andreas >>> >>> POn 05/19/2015 09:47 AM, Priyaranjan Nayak wrote: >>> > Hi All, >>> > >>> > I wanted to use the strongswan with IKEv2 for IPsec between two >>> hosts. >>> > Could you please suggest me how can configure for two hosts ? >>> > Please suggest me if you have any other idea/link ? >>> > >>> > >>> > Thanks >>> > Priyaranjan >>> >>> >>> ====================================================================== >>> Andreas Steffen [email protected] >>> <mailto:[email protected]> >>> strongSwan - the Open Source VPN Solution! www.strongswan.org >>> <http://www.strongswan.org> >>> Institute for Internet Technologies and Applications >>> University of Applied Sciences Rapperswil >>> CH-8640 Rapperswil (Switzerland) >>> >>> ===========================================================[ITA-HSR]== >>> >>> >>> >>> >>> -- >>> Thanks >>> Priyaranjan >>> >> >> -- >> ====================================================================== >> Andreas Steffen [email protected] >> strongSwan - the Open Source VPN Solution! www.strongswan.org >> Institute for Internet Technologies and Applications >> University of Applied Sciences Rapperswil >> CH-8640 Rapperswil (Switzerland) >> ===========================================================[ITA-HSR]== >> >> > > > -- > Thanks > Priyaranjan > -- Thanks Priyaranjan -- Thanks Priyaranjan
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
