Comment 4 for bug 2049624

Also see https://bugs.launchpad.net/neutron/+bug/1938571 filled with frustration for years..

Had to do the following modifications to make this work:
diff --git a/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py b/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py
index 708952a1f..1d073d135 100644
--- a/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py
+++ b/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py
@@ -180,7 +180,7 @@ class StrongSwanProcess(ipsec.BaseSwanProcess):
         ipsec.conf. Currently established connections are not affected by
         configuration changes.
         """
- self._execute([self.binary, 'reload'])
+ self._execute([self.binary, 'reload'], extra_ok_codes=[7])

     def start(self):
         """Start the process for only auto=route mode now.
diff --git a/neutron_vpnaas/services/vpn/device_drivers/template/strongswan/strongswan.conf.template b/neutron_vpnaas/services/vpn/device_drivers/template/strongswan/strongswan.conf.template
index 9cd5fda57..2470cbb5e 100644
--- a/neutron_vpnaas/services/vpn/device_drivers/template/strongswan/strongswan.conf.template
+++ b/neutron_vpnaas/services/vpn/device_drivers/template/strongswan/strongswan.conf.template
@@ -2,6 +2,9 @@ charon {
         load_modular = yes
         plugins {
                 include strongswan.d/charon/*.conf
+ stroke {
+ socket = unix:///var/run/charon.ctl
+ }
         }
 }
---

The extra_ok_codes=[7] is a bit dodgy, can't see anything about non-zero return codes :/