[Swan] Need debugging pointer between libreswan and ASA5550

Paul Wouters pwouters at redhat.com
Fri Mar 8 21:21:16 EET 2013


On Fri, 8 Mar 2013, T.J. Yang wrote:

> That does not mean it is disabled. Run "getenforce" instead.
>  
> Sorry, I wasn't able to  hide my ignorance about SELinux.
> 
> [root at mlab-centos6-01 ~]# getenforce
> Permissive
> [root at mlab-centos6-01 ~]# setenforce Permissive
> [root at mlab-centos6-01 ~]#
>  
> Once I set it to Permissive mode by setenforce, I am able to see the connection log in /var/log/ipsec.log when restarting ipsec.

Good. So that is a fix that went into the selinux-policy package, and
should make it to your next fedora/rhel package update for
selinux-policy.

Paul


More information about the Swan mailing list