[Openswan Users] Problems setting up IPSec on RHEL 3
mclaridge at rwa-net.co.uk
Tue Aug 3 18:17:16 CEST 2004
Hoping someone can help....I've battled through dodgy Red Hat
documentation and a few bugs to get this far....
I'm trying to set up a LAN-2-LAN vpn from a RHEL 3 box to a Cisco
router. This ought to work fine.....
My ipsec interface config looks like this:
(if you're wondering why I've got spaces in some of those, its to get
around a bug in racoon - when it generates the x.x.x.x.conf file, it is
unable to parse the resulting file as it doesn't put spaces before the
semi-colons at the end of lines! Adding spaces to those parameters gets
around that problem and it successfully creates a readable file)
My /etc/racoon/racoon.conf file looks like:
path include "/etc/racoon";
path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";
lifetime time 1 hour ;
encryption_algorithm 3des, blowfish 448, rijndael ;
authentication_algorithm hmac_sha1, hmac_md5 ;
compression_algorithm deflate ;
and /etc/racoon/188.8.131.52.conf looks like:
exchange_mode aggressive, main;
which is obviously wrong as there's no closing brace in either file!
When I bring the interface up, I see the following error in the system log:
racoon: ERROR: cftoken.l:474:yyerror(): :0: "" no remote specification
racoon: ERROR: cfparse.y:1375:cfparse(): fatal parse failure (1 errors)
so my question is: is this thing so full of bugs that I should simply
give up and go home, or am I missing something fundamental and being
really stupid in the process???
thanks in advance.
More information about the Users