Strongswan 加载连接但无法对其进行操作

tag-icon tag-icon centos strongswan
Strongswan 加载连接但无法对其进行操作

我在 Centos 7 盒子里安装了 Strongswan,有几个连接。当我这样做时,strongswan restart --debug-all它显示它正在重新启动服务并在输出中包含连接。

[root@RFXH001 ~]# strongswan restart --debug-all Stopping strongSwan IPsec... Starting strongSwan 5.6.1 IPsec [starter]... Loading config setup charondebug=all Loading conn 'vodacom_smpp' esp=aes128-sha1! ike=aes128-sha1-mopd1536! left=xxx.xxx.xxx.xxx leftfirewall=yes leftsubnet=xxx.xxx.xxx.xxx./xx right=xxx.xxx.xxx.xxx rightsubnet=xxx.xxx.xxx.xxx./xx authby=secret auto=add dpdaction=restart dpddelay=10 dpdtimeout=120 ikelifetime=24h keyexchange=ikev1 keyingtries=1 keylife=1h rekey=yes rekeymargin=3m type=tunnel Loading conn 'vodacom_ussd' esp=aes128-sha1! ike=aes128-sha1-mopd1536! left=xxx.xxx.xxx.xxx leftfirewall=yes leftsubnet=xxx.xxx.xxx.xxx/xx right=xxx.xxx.xxx.xxx rightsubnet=xxx.xxx.xxx.xxx/xx authby=secret auto=add dpdaction=restart dpddelay=10 dpdtimeout=120 ikelifetime=24h keyexchange=ikev1 keyingtries=1 keylife=1h rekey=yes rekeymargin=3m type=tunnel found netkey IPsec stack

但是当我strongswan statusall这样做时,它说它有 0 个连接,当我尝试up/down/route按名称连接任何这些连接时,它说no config named 'name-of-connection'

[root@RFXH001 ~]# strongswan statusall Status of IKE charon daemon (strongSwan 5.6.1, Linux 3.10.0-514.6.1.el7.x86_64, x86_64): uptime: 107 seconds, since Apr 15 15:15:32 2018 malloc: sbrk 1622016, mmap 0, used 555440, free 1066576 worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 0 loaded plugins: charon pkcs11 tpm aesni aes des rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints acert pubkey pkcs1 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp curve25519 chapoly xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink resolve socket-default farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp eap-aka-3gpp2 eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp led duplicheck unity counters Listening IP addresses: xxx.xxx.xxx.xxx Connections: Security Associations (0 up, 0 connecting): none

[root@RFXH001 ~]# strongswan up vodacom_smpp no config named 'vodacom_smpp'

你有遇到过这个问题吗?你是如何解决这个问题的?

相关配置

charon {
    load_modular = yes
    duplicheck.enable = no
    install_routes = yes
    compress = yes
    plugins {
            include strongswan.d/charon/*.conf
    }

    # two defined loggers
    filelog {
            /var/log/charon.log {
                    time_format = %b %e %T
                    ike_name = yes
                    append = no
                    default = 0
                    flush_line = yes
            }
            stderr {
                    ike = 2
                    knl = 3
            }
    }

    syslog {
            identifier = charon-custom
            daemon {
            }
            auth {
                    default = -1
                    ike = 0
            }
    }
}

include strongswan.d/*.conf

答案1

所以我在连接配置中有一个拼写错误,我写的mopdmodp.更改后,重新启动服务会添加连接并列出它们。

非常感谢你的帮助

相关内容