Project

General

Profile

Issue #2737

SPD isn't workable on linux

Added by heidi rao 5 months ago. Updated 12 days ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
configuration
Affected version:
5.6.3
Resolution:
No feedback

Description

I add a connection in ipsec.conf, after "ipsec start", SPD is inserted. But When I ping peer(IPv4), exactly matching the SPD, but the IKE negotiation is not triggered.
I checked the kernel module, all the modules are inserted as described in [[https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules]]. I also loaded xt_policy modules.
Is there anything else I need to check? Thanks!

Heidi

History

#1 Updated by Tobias Brunner 5 months ago

  • Category changed from kernel to configuration
  • Status changed from New to Feedback
  • Priority changed from High to Normal

If you actually see policies that should match your traffic after starting the daemon (i.e. if you check with ip xfrm policy) and there is no acquire received by the daemon, it's probably a kernel issue.

#2 Updated by Noel Kuntze 12 days ago

  • Status changed from Feedback to Closed
  • Resolution set to No feedback

Also available in: Atom PDF