To enable the plugin, add
--enable-attr-sqlto the ./configure options.
Also required is support for either MySQL (
--enable-mysql) or SQLite (
Configured attributes are assigned to peers via configuration payloads (IKEv2) or via Mode Config (IKEv1). Attributes are only assigned to peers if they request a virtual IP.
The plugin is configured using the following strongswan.conf options.
|charon.plugins.attr-sql.crash_recovery||yes||Release all online leases during startup. Disable this to share the DB between multiple VPN gateways. Since 5.5.3.|
|charon.plugins.attr-sql.database||Database URI used by both daemons|
|charon.plugins.attr-sql.lease_history||yes||Enable logging of IP pool leases|
Database Setup¶To setup the database use the schema defined in the following SQL scripts:
These files contain the complete database schema, which includes tables that are only required by the sql plugin.
Attributes stored in the database can be managed using the ipsec pool utility.