Strongswan Error: no config named 'foo'

Question

On Ubuntu 20.04, I am trying to establish a VPN tunnel to a IKEv2/Ipsec VPN site using Strongswan.

However, even though I have the file /etc/ipsec.conf as shown

# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
    # strictcrlpolicy=yes
    # uniqueids = no

conn foo
    left= ...
    right= ...
    ...

when I run sudo ipsec up foo, I get the error

no config named 'foo'

I have tried the follow commands before running ipsec up foo, but the error persists.

sudo ipsec update
sudo ipsec reload 
sudo ipsec restart

Strongswan U5.8.2/K5.4.0-60-generic was installed using

sudo apt-get install strongswan libcharon-extra-plugins -y

What seems to be preventing the foo connection from being detected?

Thanks!

Have you configured `auto` in your conn section (the default value is `ignore`)? — ecdsa, Jan 25 '21 at 10:39

score 2 · Accepted Answer · answered Jan 26 '21 at 09:07

Connections defined in ipsec.conf are only loaded if auto is configured to anything but the default value, which is ignore.

A connection may simply be loaded (add) without starting it (e.g. as responder for roadwarriors), automatically started (start), or trap policies (based on left|rightsubnet) can be loaded into the IPsec stack/kernel (route) so matching traffic triggers the tunnel automatically.

Strongswan Error: no config named 'foo'

1 Answers1