Hi All:
Using FW 7.5, we have a modified /etc/init.d/ipsec file, the modified section is:
prepare_strongswan_config(){
echo "charon {" >"$File_strongswan"
if [ $KERNEL_LIB -eq 0 ]; then
echo " load = charon aes des rc2 sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey sshkey pem fips-prf gmp xcbc hmac attr kernel-netlink resolve socket-default stroke updown vici xauth-generic" >>"$File_strongswan"
else
echo " load = charon aes des rc2 sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey sshkey pem fips-prf gmp xcbc hmac attr kernel-netlink resolve socket-default stroke updown xauth-generic vici kernel-libipsec" >>"$File_strongswan"
fi
echo " i_dont_care_about_security_and_use_aggressive_mode_psk = yes" >>"$File_strongswan"
echo " charon.make_before_break = yes" >>"$File_strongswan"
echo "}" >>"$File_strongswan"
The addition is the second last line. This works fine on FW 7.5.
On 8.3 strongswan throws this error when we issue a /etc/init.d/ipsec start:
[email protected]:~# /etc/init.d/ipsec start
/etc/strongswan.conf:4: syntax error, unexpected ., expecting : or '{' or '=' [.]
invalid config file '/etc/strongswan.conf'
abort initialization due to invalid configuration
Starting strongSwan 5.8.4 IPsec [starter]...
I need to change that /etc/init.d/ipsec file but have no idea what to adjust.
Any ideas?
Cheers,
John
