On Sat, Feb 16, 2019, at 10:09 AM, Rudi Barnard wrote:
> Hi,
>
> Have been using openswan on Ubuntu 14.04 on AWS EC2 for site to site
> connections (Ikev1 + PSK).> Recently upgraded an image of the Ubuntu EC2
> instance from 14.04
> to 18.04.> Result is that openswan gets replaced with Strongswan. I eventually
> did a scratch install of strongswan and also installed the Cisco
> plugin for multiple subnet support.>
> Now testing one of the MANY VPNs we have previously setup on openswan.>
> Tunnels are up but ip xfrm policy / state shows no entry and therefore
> I assume that there is config issue.>
> Very new with Strongswan so not sure where to start troubleshooting.
>
> Thanks.
>
> [snip]
>
I'm a newbie too, but ... anything interesting in the logs?
journalctl -f -u strongswan
And then force a reconnect from a client.
---
By the way, this is like a plague that gets copied from tutorial
to tutorial:
charondebug="ike 1, knl 1, cfg 0"
You may want to set "cfg" log level to 1 or even 2 (and the others too)
for troubleshooting.
-- K
