Hello swan experts,<br><br>I've setup openswan to tunel between 2 networks. My config comes below. The problem is that tunel is working, i have connectivity between networks but, when i start ipsec, a strange message appear in my syslog:
<br>Jun 13 17:52:59 nx ipsec__plutorun: 104 "z2" #1: STATE_MAIN_I1: initiate<br>
Jun 13 17:52:59 nx ipsec__plutorun: ...could not start conn "z2"<br>And tunel comes up!!!! And yes, on the oposite side, ipsec is already running!!!!<br><br>What kind of bug could be? If not a bug, what i missed from my config?
<br><br>[root@nx ~]# cat /etc/issue<br>CentOS release 4.5 (Final)<br>Kernel \r on an \m<br>[root@nx ~]#<br><br>[root@nx ~]# uname -r<br>2.6.9-55.EL<br>[root@nx ~]#<br><br>[root@nx ~]# rpm -q openswan<br>openswan-2.4.8-1<br>
[root@nx ~]#<br><br>[root@nx ~]# service ipsec start<br><br>[root@nx ~]# tail -f /var/log/messages<br>Jun 13 17:52:59 nx ipsec_setup: ...Openswan IPsec started<br>Jun 13 17:52:59 nx ipsec_setup: Starting Openswan IPsec U2.4.8
/K2.6.9-55.EL...<br>Jun 13 17:52:59 nx ipsec__plutorun: 104 "z2" #1: STATE_MAIN_I1: initiate<br>Jun 13 17:52:59 nx ipsec__plutorun: ...could not start conn "z2"<br><br>[root@nx ~]# cat /etc/ipsec.conf<br>
version 2.0<br>conn z2<br> authby=secret<br> left=<a href="http://1.2.3.4">1.2.3.4</a><br> leftsubnet=<a href="http://192.168.13.0/24">192.168.13.0/24</a><br> leftnexthop=<a href="http://1.2.3.111">1.2.3.111</a>
<br> right=<a href="http://5.6.7.8">5.6.7.8</a><br> rightsubnet=<a href="http://10.0.0.0/24">10.0.0.0/24</a><br> rightnexthop=<a href="http://5.6.7.222">5.6.7.222</a><br> keyexchange=ike<br> auth=esp<br> esp=3des-md5-96
<br> keylife=8h<br> pfs=no<br> auto=start<br>include /etc/ipsec.d/examples/no_oe.conf<br>[root@nx ~]#<br><br>I performed some tests between different openswan (from 2.4.5 up to 2.4.8) versions or kernel 2.6.x versions and problem persist, so it seems to be a parameter missing in my
ipsec.conf ...<br><br>Any hints,<br>Alx<br>