[Openswan Users] Newbie question concerning openswan start.
Johannes Graumann
graumann at caltech.edu
Thu Dec 2 13:13:28 CET 2004
Hello,
I have recently succeeded IPSECing my wireless home network using
openswan on my debian systems.
There is one minor annoyance though, which I can't get rid of:
- when starting my firewall/dhcp-server/ipsec entry point, openswan
seems to come up.
- when trying to connect from my laptop, I get an error and upon
research on the server (/etc/init.d/ipsec status) I'm being told that
IPSEC isn't running, but an orphaned pluto process is.
- /etc/init.d/ipsec start solves my problem.
What am I doing wrong?
Thanks for any hints, ipsec.conf attached below.
Joh
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.13 2004/03/24 04:14:39 ken Exp $
# This file: /usr/share/doc/openswan/ipsec.conf-sample
#
# Manual: ipsec.conf.5
version 2.0 # conforms to second version of ipsec.conf specification
config setup
interfaces="ipsec0=eth1"
nat_traversal=yes
virtual_private=%v4:192.168.1.0/24
conn %default
keyingtries=1
compress=yes
disablearrivalcheck=no
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
conn wireless-precious
left=192.168.1.3
leftcert=precious.homenetwork.pem
right=192.168.1.1
rightcert=morannon.homenetwork.pem
rightsubnet=0.0.0.0/0
auto=add
pfs=yes
conn wireless-palantir
left=192.168.1.6
leftcert=palantir.homenetwork.pem
right=192.168.1.1
rightcert=morannon.homenetwork.pem
rightsubnet=0.0.0.0/0
auto=add
pfs=yes
#Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf
More information about the Users
mailing list