strongSwan

= strongSwan management application =

The IKEv2 daemon charon has a XML interface to query information and to control the daemon (see [wiki:SMP]). A web application allows to interact with the daemon using this protocol.

----

  '''''The manager is under heavy development and not for production use! '''''

----

== Building management application ==

The manager is based on a fastcgi application and uses the !ClearSilver templating engine to build the web sites. So you'll need

 * !ClearSilver including headers (Debian: clearsilver-dev)

 * FastCGI headers and library (Debian: libfcgi-dev)

 * SQLite3 with headers (Debian: libsqlite3-dev)

To build the manager, add the following options to ./configure

{{{

--enable-xml --enable-manager

}}}

== Setting up Apache 2 ==

As the manager uses FastCGI, different web server may be used to host the application. Here we look at configuration of apache using mod-fastcgi.

Additionally to Apache2, you'll need

 * mod-fastcgi (Debian: libapach2-mod-fastcgi)

Make sure to enable the new module and that the following fastcgi option is set (e.g. in mods-enabled/fastcgi.conf):

{{{

AddHandler fastcgi-script .fcgi

}}}

Add a script alias to a website:

{{{

ScriptAlias /manager /usr/local/libexec/ipsec/manager.fcgi

}}}

== Logging in ==

Now you can surf to 

{{{

http://host/manager/status/ikesalist

}}}

The shipped configuration allows you to log in using ''strongSwan'' with the password ''strongi''. Charon currently listens on TCP port 4502, so

choose that configuration for now.