[Openswan Users] ipsec manual connection has no "spi" parameter
specified
Paul Wouters
paul at xelerance.com
Sat Aug 28 22:53:14 CEST 2004
On Sat, 28 Aug 2004, Ted Kaczmarek wrote:
> On a Redhat 9, with Openswan 2.1.4 I get gripes about
>
> ipsec manual: fatal error in "remote27": connection has no "spi"
> parameter specified
>
> when trying to
>
> ipsec manual --down remote27
>
> or
>
> ipsec manual --up remote27
>
>
> The tunnel itself is ok if you restart ipsec, but restarting ipsec for
> one tunnel can be a tad of a pain. Both the remote and central are
> RH9's.
>
>
>
> remote27
> left=71.47.40.10
> leftsubnet=71.47.46.120/32
> leftnexthop=71.47.40.1
> right=195.224.106.154
> rightsubnet=192.168.245.254/32
> auth=esp
> esp=3des-sha-96
> authby=secret
> keylife=1h
> auto=start
Any reason you are not using "ipsec auto --delete remote27" and
"ipsec auto --add remote27" ? (or up/down/replace?)
manual is meant for manual keying, not manually bringing connections up
and down. That is still done with the auto command while doing automated
keying.
Paul
>
> conn central27
> left=195.224.106.154
> leftsubnet=192.168.245.254/32
> leftnexthop=195.224.106.145
> right=71.47.40.10
> rightsubnet=71.47.46.120/32
> rightnexthop=71.47.40.1
> auth=esp
> esp=3des-sha-96
> authby=secret
> keylife=1h
> auto=start
>
>
> Tried googling and could not hit the nail on the head.
>
> Any ideas?
>
> Ted
>
>
>
>
>
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
More information about the Users
mailing list