Hello swan experts,<br><br>I've setup openswan to tunel between 2
networks. My config comes below. The problem is that tunel is working (i have connectivity between networks) but, when i start ipsec, a strange
message appear in my syslog (on booths sides):
<br>Jun 13 17:52:59 nx ipsec__plutorun: 104 "z2" #1: STATE_MAIN_I1: initiate<br>
Jun 13 17:52:59 nx ipsec__plutorun: ...could not start conn "z2"<br>And tunel comes up!!!! And yes, on the oposite side, ipsec is already running!!!!<br><br>Is a bug or a feature? If not a bug, how can be convinced openswan to display more info and/or turn off this stupid message? Trying to add plutodebug=all in
ipsec.conf doesn't add more verbosity to openswan!<br><br>[root@nx ~]# cat /etc/issue<br>CentOS release 4.5 (Final)<br>Kernel \r on an \m<br>[root@nx ~]#<br><br>[root@nx ~]# uname -r<br>2.6.9-55.EL<br>[root@nx ~]#<br>
<br>[root@nx ~]# rpm -q openswan<br>openswan-2.4.8-1<br>
[root@nx ~]#<br><br>Openswan has been compiled by me using rpmbuild -ta openswan-2.4.8.tar.gz from openswan website!<br><br>[root@nx ~]# service ipsec start<br><br>[root@nx ~]# tail -f /var/log/messages<br>Jun 13 17:52:59 nx ipsec_setup: ...Openswan IPsec started
<br>Jun 13 17:52:59 nx ipsec_setup: Starting Openswan IPsec U2.4.8
/K2.6.9-55.EL...<br>Jun 13 17:52:59 nx ipsec__plutorun: 104 "z2" #1: STATE_MAIN_I1: initiate<br>Jun 13 17:52:59 nx ipsec__plutorun: ...could not start conn "z2"<br><br>[root@nx ~]# cat /etc/ipsec.conf
<br>
version 2.0<br>conn z2<br> authby=secret<br> left=<a href="http://1.2.3.4/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">1.2.3.4</a><br> leftsubnet=<a href="http://192.168.13.0/24" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.13.0/24</a><br> leftnexthop=<a href="http://1.2.3.111/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">1.2.3.111</a>
<br> right=<a href="http://5.6.7.8/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">5.6.7.8</a><br> rightsubnet=<a href="http://10.0.0.0/24" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
10.0.0.0/24</a><br> rightnexthop=<a href="http://5.6.7.222/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">5.6.7.222</a><br> keyexchange=ike<br> auth=esp<br> esp=3des-md5-96
<br> keylife=8h<br> pfs=no<br> auto=start<br>include /etc/ipsec.d/examples/no_oe.conf<br>[root@nx ~]#<br><br>Any hints,<br>Alx