Package Details: ike 2.2.1-5

Git Clone URL: (read-only, click to copy)
Package Base: ike
Description: Shrew Soft VPN client for Linux
Upstream URL:
Licenses: BSD
Submitter: tmhedberg
Maintainer: None
Last Packager: timsat
Votes: 23
Popularity: 0.000023
First Submitted: 2011-12-06 17:01
Last Updated: 2019-02-15 19:34

Pinned Comments

figue commented on 2019-02-15 20:17

Ok, shrew-vpn-client updated. Please install that package to have QT GUI.

I can't test new ike package, because IT guys gave me a new laptop with W10, and on a virtual machine I can't make ike work... Maybe next week I'll take a closer look. Anyway, QT GUI works and I can edit my profiles.

For the people that already have a profile, you can bring it up in commandline:

ikec -r profile -u user -p password -a

or use the GUI :P

timsat commented on 2019-02-14 20:01

ike updated to 2.2.1-5

  • Migrated to OpenSSL 1.1.x.
  • Removed Qt GUI from this package. The idea behind this decision is to have an as minimalistic base package as possible, with separate packages provide GUI.
  • Tested locally with OpenSSL 1.1.1.a-1.

Any feedback would be appreciated, thanks!

Latest Comments

1 2 3 4 5 Next › Last »

figue commented on 2020-11-11 15:52

@damico add this to prepare()

sed -i 's/define "parser_class_name"/define parser_class_name/' ./source/iked/conf.parse.yy

damico commented on 2020-11-11 15:27

Hi, I tried to install shrew (ike), and during the installation I got this:

[ 40%] Generating conf.token.cpp
Scanning dependencies of target ikec
conf.parse.yy:44.9-27: error: expected identifier before string
44 | %define "parser_class_name" "conf_parser"
| ^~~~~~~~~~~~~~~~~~~
make[2]: [source/iked/CMakeFiles/iked.dir/build.make:81:
source/iked/conf.parse.cpp] Error 1
Waiting for unfinished jobs....
[ 42%] Building CXX object source/ikec/CMakeFiles/ikec.dir/main.o
[ 43%] Building CXX object source/ikec/CMakeFiles/ikec.dir/ikec.o
make[1]: [CMakeFiles/Makefile2:292: source/iked/CMakeFiles/iked.dir/all]
Error 2
Waiting for unfinished jobs....
[ 45%] Linking CXX executable ikec
[ 45%] Built target ikec
make: *** [Makefile:149: all] Error 2
==> ERROR: A failure occurred in build().
error making: ike

Could you help me, please?

figue commented on 2020-08-28 14:19

@vmsh0 yes, you are right. Actually my command line looks like:

/usr/bin/screen -d -m -S VPN_Checkpoint ikec -r VPN_Checkpoint -u myuser -p mytoken -a

where VPN_Checkpoint is this file:


vmsh0 commented on 2020-08-28 13:57

I used your patch to dockerize (i.e. future-proof) the command-line client.

Also, for reference, since it took me ~2 hours to find out: the "double free or corruption (out) Aborted (core dumped)" is caused by (a) a malformed configuration profile or (b) a non-existing configuration profile.

The command line parameter of the client is not for the path of the profile. It is for the name of the profile, which is also the name of the file where it is stored, inside $HOME/.ike/sites/. The profile file might very well be a .vpn file exported from the GUI version, but you have to remove the extension before placing it in $HOME/.ike/sites/.

figue commented on 2020-05-15 15:13

I'm still using it, but I'm not a developer, so I can't help... My issue when I'm with Openconnect VPN is still there, so I have to use Checkpoint official VPN in a virtual machine to workaround until I return to the office.

timsat commented on 2020-05-15 08:42

Sorry, guys, I can't find enough time to maintain this package, so disown it.

figue commented on 2020-04-14 12:37

Hi, now that I'm working at home, I've to connect to the office with another Cisco VPN before use ike (so I have tunneled all traffic through a tun device). Then if I connect to Checkpoint with ike, connection seems established, but no traffic is going back... In routing level all seems fine, I have a default gateway to the office, so I connect to Checkpoint as usual.

These are the logs:

~ $ tail -f /var/log/iked.log
20/04/14 14:29:34 ## : IKE Daemon, ver 2.3.0
20/04/14 14:29:34 ## : Copyright 2012 Shrew Soft Inc.
20/04/14 14:29:34 ## : This product linked OpenSSL 1.1.1f  31 Mar 2020
20/04/14 14:29:34 K! : recv X_SPDDUMP message failure ( errno = 2 )
20/04/14 14:29:41 !! : peer violates RFC, transform number mismatch ( 1 != 55 )
20/04/14 14:29:41 !! : phase1 packet ignored, resending last packet ( phase1 already mature )
20/04/14 14:29:41 !! : phase1 packet ignored, resending last packet ( phase1 already mature )
20/04/14 14:29:44 K! : recv X_SPDADD message failure ( errno = 17 )
20/04/14 14:29:44 K! : recv X_SPDADD message failure ( errno = 17 )
ii : ## : VPN Connect, ver 2.3.0
## : Copyright 2012 Shrew Soft Inc.
## : press the <h> key for help
>> : config loaded for site 'profile1'
>> : attached to key daemon ...
>> : peer configured
>> : iskamp proposal configured
>> : esp proposal configured
>> : ipcomp proposal configured
>> : client configured
>> : local id configured
>> : remote id configured
>> : server cert configured
ii : bringing up tunnel ...
>> : network device configured
ii : tunnel enabled

I've tried to rebuild the package and other things, but nothing seems to work. Do you know if there is any limit to make work a connection to a tap device through tun? Can I check where is sending the traffic the tap device?

Thank you

pickfire commented on 2020-04-03 12:01

Still need sed -i 's/define "parser_class_name"/define parser_class_name/' ./source/iked/conf.parse.yy to fix the build.

EnzephaloN commented on 2019-05-22 12:17

Successfully installed on Arch 5.1.2 after using the patch from zarere ( . Tried to connect to VPN-Server (with a configuration which is working in Shrew-Soft-Windows-Client). Connection is established, but there is now data coming thru - no ping, no ssh, nothing. Anyone an idea?

WarHippie commented on 2019-05-07 16:12

@Faldon can you please explain how to modify the PKGBUILD. I switched recently from Ubuntu to Manjaro and need this package only for one customer. Please help me install this.

EDIT: Nevermind, got it done by searching how to change the PKGBUILD before insatlling it. Next time i will search first :)