[Swan] Need debugging pointer between libreswan and ASA5550
Paul Wouters
pwouters at redhat.com
Fri Mar 8 21:21:16 EET 2013
On Fri, 8 Mar 2013, T.J. Yang wrote:
> That does not mean it is disabled. Run "getenforce" instead.
>
> Sorry, I wasn't able to hide my ignorance about SELinux.
>
> [root at mlab-centos6-01 ~]# getenforce
> Permissive
> [root at mlab-centos6-01 ~]# setenforce Permissive
> [root at mlab-centos6-01 ~]#
>
> Once I set it to Permissive mode by setenforce, I am able to see the connection log in /var/log/ipsec.log when restarting ipsec.
Good. So that is a fix that went into the selinux-policy package, and
should make it to your next fedora/rhel package update for
selinux-policy.
Paul
More information about the Swan
mailing list