[Openswan Users] Openswan 2.1.0 on gentoo, Pluto got segmentation
fault
Niki Waibel
niki.waibel at newlogic.com
Mon Mar 22 10:35:45 CET 2004
maybe this is because of the crl.pem file in /etc/ipsec.d/crls.
i also had the problem that pluto died... removing the file has helped.
but of course that's no solution if you have to use a crl.
see this mail
Date: Sun, 21 Mar 2004 06:35:37 +0100 (MET)
From: Ken Bantoft <ken at xelerance.com>
To: Dennis Boylan <openswan at b-lan.com>
Subject: Re: [Openswan Users] CRLS in 2.1.0
Cc: users at lists.openswan.org
niki
On 22-Mar-2004 Wolfman wrote:
> Hi,
> I tried to setup open swan on my system, to get a VPN with Win2k clients.
> But for some strange reason pluto won't start.
> I can't see any misconfiguration. So can anyone help?
>
> Thanks
> Christian
>
> Here is my demon.log:
> [...]
> Mar 21 23:18:34 Linuxserver ipsec_setup: Starting Openswan IPsec
> U2.1.0/Kcvs2002Mär12_01:19:03...
> Mar 21 23:18:34 Linuxserver ipsec_setup: KLIPS debug `none'
> Mar 21 23:18:34 Linuxserver ipsec_setup: KLIPS ipsec0 on ppp0
> <SomeIP>/255.255.255.255 pointopoint <SomeIP>
> Mar 21 23:18:34 Linuxserver ipsec_setup: ...Openswan IPsec started
> Mar 21 23:18:34 Linuxserver ipsec__plutorun: /usr/lib/ipsec/_plutorun: line
> 1: 9623 Segmentation fault /usr/libexec/ipsec/pluto --nofork
> --secretsfile /etc/ipsec/ipsec.secrets --ipsecdir /etc/ipsec/ipsec.d
> --uniqueids
> Mar 21 23:18:35 Linuxserver ipsec__plutorun: whack: is Pluto
> running? connect() for "/var/run/pluto.ctl" failed (111 Connection refused)
> Mar 21 23:18:35 Linuxserver ipsec__plutorun: ...could not add conn "p2n"
> Mar 21 23:18:35 Linuxserver ipsec__plutorun: whack: is Pluto
> running? connect() for "/var/run/pluto.ctl" failed (111 Connection refused)
> Mar 21 23:18:35 Linuxserver ipsec__plutorun: ...could not add conn
> "clear-or-private"
> Mar 21 23:18:36 Linuxserver ipsec__plutorun: whack: is Pluto
> running? connect() for "/var/run/pluto.ctl" failed (111 Connection refused)
> Mar 21 23:18:36 Linuxserver ipsec__plutorun: ...could not add conn "n2n"
> Mar 21 23:18:36 Linuxserver ipsec__plutorun: whack: is Pluto
> running? connect() for "/var/run/pluto.ctl" failed (111 Connection refused)
> Mar 21 23:18:36 Linuxserver ipsec__plutorun: whack: is Pluto
> running? connect() for "/var/run/pluto.ctl" failed (111 Connection refused)
> Mar 21 23:18:36 Linuxserver ipsec__plutorun: ...could not route conn
> "clear-or-private"
> Mar 21 23:18:36 Linuxserver ipsec__plutorun: !pluto failure!: exited with
> error status 139 (signal 11)
> Mar 21 23:18:36 Linuxserver ipsec__plutorun: restarting IPsec after pause...
> Mar 21 23:18:46 Linuxserver rc-scripts: ERROR: wrong args. ( _autorestart
> / _autorestart )
> Mar 21 23:18:46 Linuxserver rc-scripts: Usage: ipsec { start|stop|restart }
> Mar 21 23:18:46 Linuxserver rc-scripts: ipsec without arguments for
> full help
> [...]
>
> My ipsec.conf:
> [...]
># basic configuration
> config setup
> # Debug-logging controls: "none" for (almost) none, "all" for lots.
> # klipsdebug=all
> # plutodebug=dns
>
># Add connections here.
>
> conn %default
> keyingtries=1
> compress=yes
> disablearrivalcheck=no
> authby=rsasig
> rightrsasigkey=%cert
> auto=add
> leftrsasigkey=%cert
> left=%defaultroute
> leftcert=VPN-Gateway.pem
>
> conn p2n
> right=%any
> leftsubnet=192.168.107.0/24
> conn n2n
> right=%any
> rightsubnetwithin=192.168.0.0/24
> leftsubnet=192.168.107.0/24
> conn block
> auto=ignore
> conn private
> auto=ignore
> conn private-or-clear
> auto=ignore
> conn clear
> auto=ignore
> conn packetdefault
> auto=ignore
> [...]
>
> _______________________________________________
> Users mailing list
> Users at lists.openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
--
niki w. waibel - system administrator @ newlogic technologies ag
More information about the Users
mailing list