Cannot establish a connection using StrongSwan: "no config named"


I am trying to set up a VPN connection on an Ubuntu server using StrongSwan. I have followed several guides, but when I attempt to establish the connection, I receive the error "no config named 'cockvpn'". I have tried multiple solutions, but none have worked so far. I am looking for help in resolving this issue.

Here's what I have done so far:

Installed StrongSwan and required plugins:

sudo apt-get update
sudo apt-get install strongswan strongswan-plugin-eap-mschapv2

Created the /etc/ipsec.conf file with the following content:

config setup
    charondebug="ike 1, knl 1, cfg 0"
    uniqueids=no

conn cockvpn
    keyexchange=ikev2
    ike=aes256-sha256-modp2048!
    esp=aes256-sha256128!
    dpdaction=clear
    dpddelay=300s
    rekey=no
    left=%any
    leftsubnet=0.0.0.0/0
    leftfirewall=yes
    right=cockvpn.org
    rightsubnet=0.0.0.0/0
    rightid=%any
    auto=add

Imported the provided CA certificate into /etc/ipsec.d/cacerts/.

Checked the syntax of the ipsec.conf file using sudo ipsec checkconf, and no errors were reported.

Made sure the StrongSwan service is using the correct configuration file by checking the service configuration and modifying it if necessary.

Restarted the StrongSwan service and attempted to establish a connection using sudo ipsec up cockvpn. I also tried restarting charon.

Despite these steps, I still receive the "no config named 'cockvpn'" error. I have also checked the file permissions and file paths, but everything seems to be correct.

Has anyone encountered a similar issue or can provide guidance on how to resolve this problem? Any help would be greatly appreciated.

ubuntu 22.04 Linux strongSwan U5.6.2/K4.15.0-210-generic

1 answer

Biniam Gebremariam

Connections defined in ipsec.conf are only loaded if auto is configured to anything but the default value, which is ignore.

A connection may simply be loaded (add) without starting it (e.g. as responder for roadwarriors), automatically started (start), or trap policies (based on left|rightsubnet) can be loaded into the IPsec stack/kernel (route) so matching traffic triggers the tunnel automatically.

So, in order to fix the issue, change the value of auto to ignore and set your configuration like this:

config setup
    charondebug="ike 1, knl 1, cfg 0"
    uniqueids=no

conn cockvpn
    keyexchange=ikev2
    ike=aes256-sha256-modp2048!
    esp=aes256-sha256128!
    dpdaction=clear
    dpddelay=300s
    rekey=no
    left=%any
    leftsubnet=0.0.0.0/0
    leftfirewall=yes
    right=cockvpn.org
    rightsubnet=0.0.0.0/0
    rightid=%any
    auto=ignore
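
The rule stated at the top of the answer (a conn is loaded only when auto is something other than the default, ignore), as an added example that is not part of the answer or of strongSwan: a small Python check that lists which conn sections of an ipsec.conf would be loaded. The sample config and its names are constructed; the parser assumes indented key=value parameters, inherits auto from conn %default, and does not follow also= or include.

```python
import re

# Constructed sample config (hypothetical names), not taken from the question.
SAMPLE = """\
config setup
    uniqueids=no

conn %default
    keyexchange=ikev2

conn site-a
    right=vpn.example.org
    auto=add        # loaded, brought up manually

conn site-b
    right=vpn.example.org

conn site-c
    right=vpn.example.org
    auto=ignore
"""

def parse_conns(text):
    """Return {conn name: {key: value}}; also= and include are not followed."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()   # drop comments
        if not line.strip():
            continue
        if not line[0].isspace():              # section header starts at column 0
            m = re.fullmatch(r"conn\s+(\S+)", line)
            current = conns.setdefault(m.group(1), {}) if m else None
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return conns

def effective_auto(conns, name):
    """auto= of a conn: its own value, else conn %default, else ignore."""
    default = conns.get("%default", {}).get("auto", "ignore")
    return conns[name].get("auto", default)

def loaded_conns(text):
    """Names of conn sections that would be loaded (auto is not ignore)."""
    conns = parse_conns(text)
    return [n for n in conns
            if n != "%default" and effective_auto(conns, n) != "ignore"]

if __name__ == "__main__":
    print(loaded_conns(SAMPLE))
```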