SPD isn't workable on linux
I add a connection in ipsec.conf, after "ipsec start", SPD is inserted. But When I ping peer(IPv4), exactly matching the SPD, but the IKE negotiation is not triggered.
I checked the kernel module, all the modules are inserted as described in [[https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules]]. I also loaded xt_policy modules.
Is there anything else I need to check? Thanks!
#1 Updated by Tobias Brunner 5 months ago
- Category changed from kernel to configuration
- Status changed from New to Feedback
- Priority changed from High to Normal
If you actually see policies that should match your traffic after starting the daemon (i.e. if you check with
ip xfrm policy) and there is no acquire received by the daemon, it's probably a kernel issue.