[Openswan Users] ipsec manual connection has no "spi" parameter
specified
Ted Kaczmarek
tedkaz at optonline.net
Sat Aug 28 21:15:24 CEST 2004
On Sat, 2004-08-28 at 15:53, Paul Wouters wrote:
> On Sat, 28 Aug 2004, Ted Kaczmarek wrote:
>
> > On a Redhat 9, with Openswan 2.1.4 I get gripes about
> >
> > ipsec manual: fatal error in "remote27": connection has no "spi"
> > parameter specified
> >
> > when trying to
> >
> > ipsec manual --down remote27
> >
> > or
> >
> > ipsec manual --up remote27
> >
> >
> > The tunnel itself is ok if you restart ipsec, but restarting ipsec for
> > one tunnel can be a tad of a pain. Both the remote and central are
> > RH9's.
> >
> >
> >
> > remote27
> > left=71.47.40.10
> > leftsubnet=71.47.46.120/32
> > leftnexthop=71.47.40.1
> > right=195.224.106.154
> > rightsubnet=192.168.245.254/32
> > auth=esp
> > esp=3des-sha-96
> > authby=secret
> > keylife=1h
> > auto=start
>
> Any reason you are not using "ipsec auto --delete remote27" and
> "ipsec auto --add remote27" ? (or up/down/replace?)
>
> manual is meant for manual keying, not manually bringing connections up
> and down. That is still done with the auto command while doing automated
> keying.
>
> Paul
Have no clue why I was using manual instead of auto, I must have some
mental block on this.
Thanks for straightening me out.
Ted
More information about the Users
mailing list