2

On Ubuntu 20.04, I am trying to establish a VPN tunnel to a IKEv2/Ipsec VPN site using Strongswan.

However, even though I have the file /etc/ipsec.conf as shown

# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
    # strictcrlpolicy=yes
    # uniqueids = no

conn foo
    left= ...
    right= ...
    ...

when I run sudo ipsec up foo, I get the error

no config named 'foo'

I have tried the follow commands before running ipsec up foo, but the error persists.

sudo ipsec update
sudo ipsec reload 
sudo ipsec restart

Strongswan U5.8.2/K5.4.0-60-generic was installed using

sudo apt-get install strongswan libcharon-extra-plugins -y

What seems to be preventing the foo connection from being detected?

Thanks!

2
  • 1
    Have you configured auto in your conn section (the default value is ignore)?
    – ecdsa
    Commented Jan 25, 2021 at 10:39
  • @ecdsa Works after setting to auto. Thanks!
    – Nyxynyx
    Commented Jan 26, 2021 at 4:03

1 Answer 1

2

Connections defined in ipsec.conf are only loaded if auto is configured to anything but the default value, which is ignore.

A connection may simply be loaded (add) without starting it (e.g. as responder for roadwarriors), automatically started (start), or trap policies (based on left|rightsubnet) can be loaded into the IPsec stack/kernel (route) so matching traffic triggers the tunnel automatically.

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .