Re: StrongSwan as configured on Knoppix 8.1 isn't really useful ...
On 02/13/2018 07:06 AM, Klaus Knopper wrote:
> On 10.02.18, hb wrote:
>> or, more or less the same problems as with Knoppix 7.7.1:
>> - XAuth is not installed and installing it is not straight forward
>> - The kernel doesn't seem to be configured to support whatever
>> (allocating SPI) strongSwan needs.
>
> Can you tell me which kernel option is missing?
Actually, I don't know. The message "Operation not supported" when
allocating something from the kernel let me think it was/is a
configuration option.
> Please use
>
> apt install -t testing libcharon-extra-plugins
That makes sense, I didn't think of "testing". As 5.5.1-3 was mentioned
I just tried to install that version.
>> allocating SPI failed: Operation not supported (95)
>> unable to get SPI
>> allocating SPI from kernel failed
>> removing DNS server <DNS2_IP> from /etc/resolv.conf
>> removing DNS server <DNS1_IP> from /etc/resolv.conf
>> establishing connection 'remote' failed
>
> Does this help: https://wiki.strongswan.org/issues/996
> ?
Hmm, I have to admit I'm not familiar with setcap and only used it a few
times. Do I need this if I run this from root? I run the starter and
charon as root. Maybe that's not recommended but ...
This works out of the box - without setting any capability - on Ubuntu
17.10: Status of IKE charon daemon (strongSwan 5.5.1, Linux
4.13.0-16-generic, x86_64).
Regards,
Hartmut
Reply to: