Here's what I use. Definitely works with ikev2 without --enable-ikev2. Can't speak to ikev1. I use it with certificate-based authentication.
./configure --prefix= --enable-eap-mschapv2 --enable-eap-identity --enable-openssl --enable-eap-md5 --enable-eap-tls --enable-eap-dynamic --enable-systemd --enable-swanctl --disable-charon --disable-stroke --disable-scepclient --enable-counters From: Users <users-boun...@lists.strongswan.org> On Behalf Of Paramashivaiah, Sunil Sent: Tuesday, July 20, 2021 4:53 AM To: users@lists.strongswan.org Cc: Bhattacharjee, Debapriyo (c) <dbhattachar...@rbbn.com>; Shivakumar Poojari <shivakumar.pooj...@rbbn.com> Subject: Re: [strongSwan] Replacing Racoon2 with strongswan Hi All, If we configure strongswan using the below options will it be sufficient to use it for Ikev1 and Ikev2. Please let me know if we need to add any more plugins like --enable-libipsec --enable-kernel-libipsec ./configure --prefix=/usr --sysconfdir=/etc --enable-charon --enable-swanctl --enable-ikev2 --enable-ikev1 --enable-acert --enable-openssl Also by default will there be any plugins that will be enabled. Do we need to disable any plugins. Please suggest. Thanks and Regards, Sunil From: Paramashivaiah, Sunil Sent: Tuesday, July 20, 2021 1:47 PM To: users@lists.strongswan.org<mailto:users@lists.strongswan.org> Cc: Shivakumar Poojari <shivakumar.pooj...@rbbn.com<mailto:shivakumar.pooj...@rbbn.com>>; Bhattacharjee, Debapriyo (c) <dbhattachar...@rbbn.com<mailto:dbhattachar...@rbbn.com>> Subject: Replacing Racoon2 with strongswan Hi All, We are planning to replace racoon2 with stongswan in our product for IPsec Ikev1 and Ikve2 functionality. We are trying to build strongswan on debian10 Linux and we find that there are lot of optional plugins available. Could anyone please guide us with required set of plugins that we need to use to build strongswan for Ikev1 and Ikev2 functionality. Thanks and Regards, Sunil Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.