<p>Hello Igor,</p>
<p>I need to check my setup, this looks weird.<br>
Are you running IPSec from CLI or through command service?</p>
<p>Also (and I'm not sure if that's normal or not, never checked) why are you having two identical processes for Pluto running? Both with different PIDs.</p>
<div class="gmail_quote">On Jul 31, 2012 12:54 AM, "Igor Lasic" <<a href="mailto:ilasic@yahoo.com">ilasic@yahoo.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hello Muhammad, thanks for responding.<br>
<br>
I am seeing TCP port 3082 opened as in below. We have also tried
with port 3081 and got the same result where pluto took it.<br>
<br>
Unfortunately we cannot guarantee the order in which services will
start and cannot use other means such as SE security.<br>
<br>
netstat -nap | grep 3082<br>
<b>tcp 0 0 0.0.0.0:3082 0.0.0.0:* LISTEN <u>7450</u>/sh</b><br>
tcp 0 0 127.0.0.1:3082 127.0.0.1:44259 SYN_RECV -<br>
tcp 0 0 127.0.0.1:3082 127.0.0.1:44261 SYN_RECV -<br>
tcp 0 0 127.0.0.1:3082 127.0.0.1:45281 SYN_RECV -<br>
tcp 349 0 127.0.0.1:3082 127.0.0.1:49980 CLOSE_WAIT -<br>
tcp 345 0 127.0.0.1:3082 127.0.0.1:34400 CLOSE_WAIT -<br>
tcp 343 0 127.0.0.1:3082 127.0.0.1:49530 CLOSE_WAIT -<br>
tcp 0 345 127.0.0.1:44259 127.0.0.1:3082 FIN_WAIT1 -<br>
tcp 0 329 127.0.0.1:44261 127.0.0.1:3082 FIN_WAIT1 -<br>
tcp 0 329 127.0.0.1:45281 127.0.0.1:3082 ESTABLISHED 25856/httpd<br>
<br>
root@lang-armagent-2a ~]# ps -ef | grep 7450<br>
root <u><b>7450 </b></u>1 0 Jul23 ? 00:00:00<u><b>
/bin/sh /usr/lib64/ipsec/_plutorun </b></u>--debug
--uniqueids yes --force_busy no --nocrsend no --strictcrlpolicy no
--nat_traversal yes --keep_alive --protostack netkey
--force_keepalive no --disable_port_floating no --virtual_private
%v4:10.0.0.0/8,%v4:192.168.0.0/16,%4:172.16.0.0/12 --listen
--crlcheckinterval 0 --ocspuri --nhelpers --secctx_attr_value
--dump --opts --stderrlog --wait no --pre --post --log
daemon.error --plutorestartoncrash true --pid
/var/run/pluto/pluto.pid<br>
root 7452 7450 0 Jul23 ? 00:00:00 /bin/sh
/usr/lib64/ipsec/_plutorun --debug --uniqueids yes --force_busy
no --nocrsend no --strictcrlpolicy no --nat_traversal yes
--keep_alive --protostack netkey --force_keepalive no
--disable_port_floating no --virtual_private
%v4:10.0.0.0/8,%v4:192.168.0.0/16,%4:172.16.0.0/12 --listen
--crlcheckinterval 0 --ocspuri --nhelpers --secctx_attr_value
--dump --opts --stderrlog --wait no --pre --post --log
daemon.error --plutorestartoncrash true --pid
/var/run/pluto/pluto.pid<br>
root 7455 7450 0 Jul23 ? 00:00:00 /bin/sh
/usr/lib64/ipsec/_plutoload --wait no --post<br>
root 28674 3185 0 22:39 pts/0 00:00:00 grep 7450<br>
<br>
On 7/30/2012 6:29 PM, Muhammad El-Sergani wrote:<br>
</div>
<blockquote type="cite">
<p>Hello Igor, what's that port number?<br>
This shouldn't happen I believe.</p>
<div class="gmail_quote">On Jul 31, 2012 12:28 AM, "Igor Lasic"
<<a href="mailto:ilasic@yahoo.com" target="_blank">ilasic@yahoo.com</a>>
wrote:<br type="attribution">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> Hello everyone,<br>
<br>
I have a problem where openswan ipsec opens out a TCP port
when it starts that conflicts with our web service.<br>
<br>
It appears the TCP port is not fixed as we've attempted to
use a different port and ipsec service still showed up as
listening on that port.<br>
<br>
Anyone know what is the port used for and can the port be
configured or can the "feature" be disabled?<br>
<br>
Thanks,<br>
<br>
Igor<br>
<br>
</div>
<br>
<br>
</blockquote>
</div>
</blockquote>
<br>
</div>
</blockquote></div>