Hi all,
I've set up an IPsec + IKEv2 VPN server ('road warrior' set up) on
Debian 10 with StrongSwan. It was my understanding that
/etc/strongswan.d/swanctl.conf is the modern way to configure it
so that's what I did.
But now after every boot I have to run 'swanctl --load-all' to be able
to be able to authenticate with the VPN. I found a slightly related
Stack Exchange post[1] which talks about charon-systemd vs.
starter/chron and to be honest it's not quite clear to me what these
different parts are supposed to do.
These are the strongswan and charon packages I have installed:
charon-systemd
libcharon-extra-plugins
libstrongswan
libstrongswan-extra-plugins
libstrongswan-standard-plugins
strongswan-charon
strongswan-libcharon
strongswan-starter
strongswan-swanctl
So it looks like *both* the starter and charon-systemd are installed.
But when I remove the starter the service doesn't seem to work at all -
I can't initiate IPsec connections to the machine then.
There is of course the StrongSwan documentation but it didn't help me
in this aspect.
Any ideas?
Thanks,
Sijmen Mulder
1:
https://unix.stackexchange.com/questions/557032/how-to-start-a-swanctl-conf-configured-tunnel-automatically
