Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPsec doesn't work suddenly

    Scheduled Pinned Locked Moved IPsec
    1 Posts 1 Posters 733 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      esquire1968
      last edited by

      Hi!

      Till yesterday IPsec works well. Today I can't establish the connection. In the log I've a lot of errors …

      Mar 15 20:05:38 ipsec_starter[60324]:  
      Mar 15 20:05:38 ipsec_starter[60324]: 'con1' routed 
      Mar 15 20:05:38 charon: 13[CFG] received stroke: route 'con1' 
      Mar 15 20:05:38 charon: 14[CFG] added configuration 'con1' 
      Mar 15 20:05:38 charon: 14[CFG] received stroke: add connection 'con1' 
      Mar 15 20:05:38 ipsec_starter[60324]: charon (60566) started after 60 ms 
      Mar 15 20:05:38 charon: 00[JOB] spawning 16 worker threads 
      Mar 15 20:05:38 charon: 00[LIB] unable to load 6 plugin features (5 due to unmet dependencies)
      Mar 15 20:05:38 charon: 00[LIB] loaded plugins: charon unbound aes des blowfish rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey ipseckey pem openssl fips-prf gmp xcbc cmac hmac curl attr kernel-pfkey kernel-pfroute resolve socket-default stroke smp updown eap-identity eap-sim eap-aka eap-aka-3gpp2 eap-md5 eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap whitelist addrblock unity 
      Mar 15 20:05:38 charon: 00[CFG] loaded 0 RADIUS server configurations 
      Mar 15 20:05:38 charon: 00[CFG] opening triplet file /var/etc/ipsec/ipsec.d/triplets.dat failed: No such file or directory
      Mar 15 20:05:38 charon: 00[CFG] loaded IKE secret for %any xxx.xxx.xxx.xxx 
      Mar 15 20:05:38 charon: 00[CFG] loading secrets from '/var/etc/ipsec/ipsec.secrets' 
      Mar 15 20:05:38 charon: 00[CFG] loading crls from '/var/etc/ipsec/ipsec.d/crls' 
      Mar 15 20:05:38 charon: 00[CFG] loading attribute certificates from '/var/etc/ipsec/ipsec.d/acerts' 
      Mar 15 20:05:38 charon: 00[CFG] loading ocsp signer certificates from '/var/etc/ipsec/ipsec.d/ocspcerts' 
      Mar 15 20:05:38 charon: 00[CFG] loading aa certificates from '/var/etc/ipsec/ipsec.d/aacerts' 
      Mar 15 20:05:38 charon: 00[CFG] loaded ca certificate "..." from '/var/etc/ipsec/ipsec.d/cacerts/df28683a.0.crt' 
      Mar 15 20:05:38 charon: 00[CFG] loaded ca certificate "..." from '/var/etc/ipsec/ipsec.d/cacerts/a9025906.0.crt' 
      Mar 15 20:05:38 charon: 00[CFG] loading ca certificates from '/var/etc/ipsec/ipsec.d/cacerts' 
      Mar 15 20:05:38 charon: 00[CFG] ipseckey plugin is disabled
      Mar 15 20:05:38 charon: 00[NET] enabling UDP decapsulation for IPv6 on port 4500 failed
      Mar 15 20:05:38 charon: 00[KNL] unable to set UDP_ENCAP: Invalid argument 
      Mar 15 20:05:38 charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.2.1, FreeBSD 10.1-RELEASE-p4, amd64) 
      Mar 15 20:05:38 ipsec_starter[59743]: no known IPsec stack detected, ignoring! 
      Mar 15 20:05:38 ipsec_starter[59743]: no KLIPS IPsec stack detected 
      Mar 15 20:05:38 ipsec_starter[59743]: no netkey IPsec stack detected 
      Mar 15 20:05:38 ipsec_starter[59743]: Starting strongSwan 5.2.1 IPsec [starter]... 
      
      

      Any ideas?

      Thx
      esquire1968

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.