[Openswan dev]
Problem in establishing ipsec tunnel using manual keying
Irene Liew
irene_ilsf at yahoo.com
Wed Apr 12 18:52:27 CEST 2006
Hi, i have try setting up the Openswan for VPN testing using the manual keying method. Below is my ipsec.conf file configuration:
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.15.2.2 2005/11/14 20:10:27 paul Exp $
# This file: /usr/local/share/doc/openswan/ipsec.conf-sample
#
# Manual: ipsec.conf.5
version 2.0 # conforms to second version of ipsec.conf specification
config setup
plutodebug=none
klipsdebug=none
interfaces="ipsec0=eth0"
#Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf
conn dut1net-dut2net
keyingtries=0
keylife=8h
left=2.2.2.2
leftnexthop=2.2.2.1
leftsubnet=3.3.3.0/24
leftfirewall=no
right=2.2.2.1
rightnexthop=2.2.2.2
rightsubnet=1.1.1.0/24
rightfirewall=no
conn tunnel-1
also=dut1net-dut2net
leftsourceip=3.3.3.1
rightsourceip=1.1.1.1
spi=0x100
esp=aes128-md5-96
espenckey=0x12345678_12345678_12345678_12345678_12345678_12345678
espauthkey=0x12345678_12345678_12345678_12345678
auto=add
when i start the ipsec service, everything is ok but when i type "ipsec manual --up tunnel-1", an error message:
ipsec manual: no IPsec enabled tunnel found.
what is the problem with openswan? can it support manual keying? cos when i do auto keying it is ok, but for my testing i needed to use manual keying. can u pls help me on this?
thanks
Regards,
Irene Liew
System Performance Engineer
---------------------------------
Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ countries) for 2¢/min or less.
---------------------------------
Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low rates.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/dev/attachments/20060412/c30b9c03/attachment-0001.htm
More information about the Dev
mailing list