Strongswan not starting on 22.1

[Cerberus]

Hi,

any solution to this? i just created a new opnsense install and trying to setup a s2s ipsec connection. Starting ipsec by hand tells me there is not configuration file in "/usr/local/etc/strongswan.oipensense.d/*.conf". Log is completly empty.

I checked ciphers and i use aes-gcm-256 and sha256, that should be supported on FreeBSD 13.x. This connection was created on the latest version of OPNsense.

[agirling]

Any update on this?  I upgraded to 22.1 but the IPsec UI is not writing any configuration files.

As a result my connection cannot offer a proposal during the INIT phase.

[agirling]

For future readers, my issue was related to IPsec being used with CARP interfaces.  This has been patched and in the next release cycle.

https://github.com/opnsense/core/commit/4080345a597fbc55c02256996f7ba3ccee78ae49

[evguy2]

Shame on me. - Enable IPsec was not checked...

The web designer is culpable here.  I, having the same problem you were, just spent almost an hour looking for this check box.  It's at the bottom of the "tunnel settings" page which isn't at all obvious.

[NEOSA]

Shame on me. - Enable IPsec was not checked...

Hi !

I was creating an IPSec macOS Mobile setup*, and the same shame : forgot to turn it on ;-)

*https://github.com/thomergil/opnsense-ipsec-vpn