[Openswan Users] Strange message in syslog but openswan is working!!!

Linux User rluglinux at gmail.com
Wed Jun 13 11:13:35 EDT 2007


Hello swan experts,

I've setup openswan to tunel between 2 networks. My config comes below. The
problem is that tunel is working, i have connectivity between networks but,
when i start ipsec, a strange message appear in my syslog:
Jun 13 17:52:59 nx ipsec__plutorun: 104 "z2" #1: STATE_MAIN_I1: initiate
Jun 13 17:52:59 nx ipsec__plutorun: ...could not start conn "z2"
And tunel comes up!!!! And yes, on the oposite side, ipsec is already
running!!!!

What kind of bug could be? If not a bug, what i missed from my config?

[root at nx ~]# cat /etc/issue
CentOS release 4.5 (Final)
Kernel \r on an \m
[root at nx ~]#

[root at nx ~]# uname -r
2.6.9-55.EL
[root at nx ~]#

[root at nx ~]# rpm -q openswan
openswan-2.4.8-1
[root at nx ~]#

[root at nx ~]# service ipsec start

[root at nx ~]# tail -f /var/log/messages
Jun 13 17:52:59 nx ipsec_setup: ...Openswan IPsec started
Jun 13 17:52:59 nx ipsec_setup: Starting Openswan IPsec U2.4.8/K2.6.9-
55.EL...
Jun 13 17:52:59 nx ipsec__plutorun: 104 "z2" #1: STATE_MAIN_I1: initiate
Jun 13 17:52:59 nx ipsec__plutorun: ...could not start conn "z2"

[root at nx ~]# cat /etc/ipsec.conf
version 2.0
conn z2
    authby=secret
    left=1.2.3.4
    leftsubnet=192.168.13.0/24
    leftnexthop=1.2.3.111
    right=5.6.7.8
    rightsubnet=10.0.0.0/24
    rightnexthop=5.6.7.222
    keyexchange=ike
    auth=esp
    esp=3des-md5-96
    keylife=8h
    pfs=no
    auto=start
include /etc/ipsec.d/examples/no_oe.conf
[root at nx ~]#

I performed some tests between different openswan (from 2.4.5 up to 2.4.8)
versions or kernel 2.6.x versions and problem persist, so it seems to be a
parameter missing in my ipsec.conf ...

Any hints,
Alx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070613/901f1d30/attachment-0001.html 


More information about the Users mailing list