Hi Jafar, You are right! After I allowed user “frr” to access “charon.vici”, the error message is gone.
Now I’m getting this error message. 2017/11/08 15:41:45 NHRP: VICI: StrongSwan does not support mandatory events (unpatched?) I installed tteras’ patched version of strongswan. However I’m not sure how to tell if it’s properly installed. I got it from git: git clone git://git.alpinelinux.org/user/tteras/strongswan Then I used the “autogen.sh” script, then “configure", then “make; make install”. Not sure if I have done anything wrong, or missed anything. Is there a way to validate that Strongswan is properly patched and installed? Regards, Terry On 8 November 2017 at 00:34:52, Jafar Al-Gharaibeh ([email protected]) wrote: Terry, From the limited information you are giving, my guess is that nhrpd doesn't have permissions to access the VICI socket. nhrpd is probably configured as part of FRR/Quagga with permissions to access /var/run/frr or /var/run/quagga only. Whereas the vici socket, according to https://wiki.strongswan.org/projects/strongswan/wiki/VICI is: unix:///var/run/charon.vici Give nhrpd permissions to access to this file and you should be good to. --Jafar On 11/7/2017 10:06 AM, Chengcheng Fu wrote: Hi, I’m trying to setup nhrpd with strongswan, and I’m getting this error message. Failure connecting VICI socket: permission denied I wonder if there is a way to test the VICI socket and see if it’s running properly? Regards, Terry
