On Tue, Feb 16, 2016 at 8:46 AM, mrq1 <email address hidden> wrote:
> it looks like strongswan is faking a nat situation if the kernel-libipsec > is used, so there are only problems with transport & beet mode .. >
It sounds like it could be confusing. I'd prefer not to have a one-off for just this package but if it's disruptive then it's likely warranted.
> btw: did you get this audit entries too? >
No. Are you running 1ubuntu6 and have you reloaded the apparmor profile and restarted strongswan?
sudo apparmor_parser -r /etc/apparmor.d/usr.lib.ipsec.charon sudo systemctl restart strongswan
On Tue, Feb 16, 2016 at 8:46 AM, mrq1 <email address hidden> wrote:
> it looks like strongswan is faking a nat situation if the kernel-libipsec
> is used, so there are only problems with transport & beet mode ..
>
It sounds like it could be confusing. I'd prefer not to have a one-off for
just this
package but if it's disruptive then it's likely warranted.
> btw: did you get this audit entries too?
>
No. Are you running 1ubuntu6 and have you reloaded the apparmor profile
and restarted strongswan?
sudo apparmor_parser -r /etc/apparmor. d/usr.lib. ipsec.charon
sudo systemctl restart strongswan