<div>Hi, i have try setting up the Openswan for VPN testing using the manual keying method. Below is my ipsec.conf file configuration:</div> <div> </div><FONT size=2> <div># /etc/ipsec.conf - Openswan IPsec configuration file</div> <div># RCSID $Id: ipsec.conf.in,v 1.15.2.2 2005/11/14 20:10:27 paul Exp $</div> <div># This file: /usr/local/share/doc/openswan/ipsec.conf-sample</div> <div>#</div> <div># Manual: ipsec.conf.5</div> <div> </div> <div>version 2.0 # conforms to second version of ipsec.conf specification</div> <div> </div> <div>config setup</div> <div>plutodebug=none</div> <div>klipsdebug=none</div> <div>interfaces="ipsec0=eth0"</div> <div> </div> <div>#Disable Opportunistic Encryption</div> <div>include /etc/ipsec.d/examples/no_oe.conf</div> <div> </div> <div>conn dut1net-dut2net</div> <div>keyingtries=0</div> <div>keylife=8h</div> <div>left=2.2.2.2</div> <div>leftnexthop=2.2.2.1</div> <div>leftsubnet=3.3.3.0/24</div>
<div>leftfirewall=no</div> <div>right=2.2.2.1</div> <div>rightnexthop=2.2.2.2</div> <div>rightsubnet=1.1.1.0/24</div> <div>rightfirewall=no</div> <div> </div> <div>conn tunnel-1</div> <div>also=dut1net-dut2net</div> <div>leftsourceip=3.3.3.1</div> <div>rightsourceip=1.1.1.1</div> <div>spi=0x100</div> <div>esp=aes128-md5-96</div> <div>espenckey=0x12345678_12345678_12345678_12345678_12345678_12345678</div> <div>espauthkey=0x12345678_12345678_12345678_12345678</div> <div></div> <div>auto=add</div> <div> </div> <div> </div> <div>when i start the ipsec service, everything is ok but when i type "ipsec manual --up tunnel-1", an error message:</div> <div> </div> <div>ipsec manual: no IPsec enabled tunnel found.</div> <div> </div> <div> </div> <div>what is the problem with openswan? can it support manual keying? cos when i do auto keying it is ok, but for my testing i needed to use manual keying. can u pls help me on this?
</div> <div> </div> <div>thanks</div> <div> </div> <div>Regards,</div> <div>Irene Liew</div> <div>System Performance Engineer</div></FONT><p>
                <hr size=1>Yahoo! Messenger with Voice. <a href="http://us.rd.yahoo.com/mail_us/taglines/postman1/*http://us.rd.yahoo.com/evt=39663/*http://voice.yahoo.com">Make PC-to-Phone Calls</a> to the US (and 30+ countries) for 2¢/min or less.<p>
        
                <hr size=1><a href="http://us.rd.yahoo.com/mail_us/taglines/postman3/*http://us.rd.yahoo.com/evt=39666/*http://beta.messenger.yahoo.com">Yahoo! Messenger with Voice.</a> PC-to-Phone calls for ridiculously low rates.