From owner-freebsd-questions@freebsd.org Mon Jan 25 10:20:55 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 85172A45ECE for ; Mon, 25 Jan 2016 10:20:55 +0000 (UTC) (envelope-from maxidlabs@gmail.com) Received: from mail-yk0-x22a.google.com (mail-yk0-x22a.google.com [IPv6:2607:f8b0:4002:c07::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 444E7A2 for ; Mon, 25 Jan 2016 10:20:55 +0000 (UTC) (envelope-from maxidlabs@gmail.com) Received: by mail-yk0-x22a.google.com with SMTP id v14so155434767ykd.3 for ; Mon, 25 Jan 2016 02:20:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Rp7XnNVg8Q2OtAYiuwDXMKyEKNu8NEmP5DbSfA/jUhg=; b=Lnk/2tAswrsTGiiT6Xfuv45xvPNfP4XT47lcA4MTK2cRvkZWJn9URv1QtoiYSDk3dE sR57t+igIyzf0zD+ysoFfIBxYnjYo/huyG62gvQx4o30TVXwQk19NRmJ2RVT3ZcwTXiL mrsYbmc961xgJWlUyaruuIYNA+qm6HIsHSq0XNLuzC8RH+1ZAv7LTEDKWTrJGw5j94no yc9DlXPL+swDSZkOPf2Ti6z3Na1SB2K4WoweKv/eNs1G3O3vmdHloLOzqst1itBijbc2 2jTHhmioN7In3XzwiR0R+lNrsN3tBx17vidHFzQUZxZoUE4oFvpWOaVurm2vrCGHydCW GdTQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=Rp7XnNVg8Q2OtAYiuwDXMKyEKNu8NEmP5DbSfA/jUhg=; b=RSwP2TjVs/T1OZWq+cRYFkYkRIuLuMtUvjRiiq8XVljK1aLLyJ2uASoBTVJjdnFrS8 lwJ2HPRZfVkZry8RS0pkKqgrfcAHNlXy9eaZUU7qlzL5AsYI65eCzbYM9uFSWZQQ9rr4 /ywRPzkhuvAbWEsRmABWDmGKf4Iyc42jolsSUFJ2dWn3lk1BmIEOHNVh9/mUiWrnTcOT uNbIU+AOBSg7UYRuTulhRaOWl7sVb8QqFW7JCf6Ezfgy80cccF0B1LbG3F/djUzRodoK oWBmL3iT0w9W3r8T7JMFd17qj4npqJTjM/iBbkFyYddwdDcT3AiDwJWJfX0OlutTKees DoKw== X-Gm-Message-State: AG10YOSRedmUgM1zuDCBsMY66lR+muPXnexI3YsWAIy8MrMk9Y43AjU89vWpDDvmuOBfbRxpsdrZ/eKJ3kHEPw== MIME-Version: 1.0 X-Received: by 10.129.154.149 with SMTP id r143mr7903554ywg.151.1453717254489; Mon, 25 Jan 2016 02:20:54 -0800 (PST) Received: by 10.129.1.3 with HTTP; Mon, 25 Jan 2016 02:20:54 -0800 (PST) In-Reply-To: References: <20160125080734.30916694.32552.1965@gmail.com> Date: Mon, 25 Jan 2016 11:20:54 +0100 Message-ID: Subject: Re: StrongSwan+FreeBSD 10.2+FreeBSD 11+enc0 does not work From: Max Id To: CeDeROM Cc: FreeBSD Questions Mailing List Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jan 2016 10:20:55 -0000 StrongSwan is an automatic keying daemon, and thus does not require any manual IPSeac config tool. The logs of strongswan do not show any errors, both daemons report the connection is established. Even the routing table entry is added. As I said, the firewalls are disabled, so they do not interfere with testing. On Monday, January 25, 2016, CeDeROM wrote: > Racoon from ipsec tools can do that I guess. I recently set connection between Linux and Juniper using FreeBSD configuration :-) > > Did you setkey? What setkey -DP show? > > Maybe a firewall problem? > > Home routers can only pass one VPN session at time. > > Try to run daemon in foreground verbose debug to see where is the problem :-) > > Tomek > > -- > CeDeROM, SQ7MHZ, http://www.tomek.cedro.info