[Openswan Users] fraid not.

mark markzero at logik.ath.cx
Mon Feb 9 08:02:38 CET 2004


And now! An error...

(Throughout this email, logik refers to my desktop machine and cubic
refers to my server; both are physically situated on the same desk,
for clarification.)

ipsec verify (on logik)

Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                             [OK]
Linux FreeS/WAN Uopenswan-2.0.0/K(no kernel code presently loaded)
Checking for KLIPS support in kernel                        [FAILED]
Checking for RSA private key (/etc/ipsec.secrets)           [OK]
Checking that pluto is running                              [OK]
Two or more interfaces found, checking IP forwarding        [FAILED]

Opportunistic Encryption DNS checks:
Looking for TXT in forward map: logik                       [MISSING]
Cannot execute command "host -t txt logik": No such file or directory
Does the machine have at least one non-private address?     [FAILED]

------------------------
ipsec verify (on cubic)

Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                             [OK]
Linux FreeS/WAN Uopenswan-2.0.0/K(no kernel code presently loaded)
Checking for KLIPS support in kernel                        [FAILED]
Checking for RSA private key (/etc/ipsec.secrets)           [OK]
Checking that pluto is running                              [OK]
Two or more interfaces found, checking IP forwarding        [FAILED]

Opportunistic Encryption DNS checks:
Looking for TXT in forward map: cubic                       [MISSING]
Cannot execute command "host -t txt cubic": No such file or directory
Does the machine have at least one non-private address?     [FAILED]

-------------------
ipsec.conf on logik

# /etc/ipsec.conf
            
version 2.0

conn block
     auto=ignore

conn private
     auto=ignore

conn private-or-clear
     auto=ignore

conn clear
     auto=ignore
     
conn packetdefault
     auto=ignore
     
conn logik-to-cubic
     left=100.0.0.5
     right=100.0.0.4
     authby=secret
     auto=add
     
---------------------
ipsec.conf on cubic

# /etc/ipsec.conf
version 2.0

conn private
     auto=ignore

conn block
     auto=ignore

conn private-or-clear
     auto=ignore

conn clear-or-private
     auto=ignore

conn clear
     auto=ignore
     
conn packetdefault
     auto=ignore
     
conn logik-to-cubic
     left=100.0.0.5
     right=100.0.0.4
     authby=secret
     auto=add
     
--------------------

Now, if I do

ipsec auto --up logik-to-cubic

104 "logik-to-cubic" #1: STATE_MAIN_I1: initiate
010 "logik-to-cubic" #1: STATE_MAIN_I1: retransmission; will wait 20s for response
010 "logik-to-cubic" #1: STATE_MAIN_I1: retransmission; will wait 40s for response

nothing happens.

If I try it on the logik side:

021 no connection named "logik-to-cubic"

BUT THERE IS!

I am way out of my depth here, and this is the most simple thing I
could do with IPSec.

mark