[Openswan Users] openswan and red hat enterprise

Morgan Marodin mmarodin at develon.com
Fri Mar 26 18:04:41 CET 2004


Hi ... an other time!

I have searched in the newsgroups for the question of ipsec0 (see my 
previous message) ... but I didn't find anything.

So ... I tried to compile klips module from openswan tarball. Now my red 
hat enterprise's ipsec is running with that mudule (ipsec.o).

------------------------------------------------------------------------------------------------------------------------------------------------------------------------
[root at platoon etc]# service ipsec start
ipsec_setup: Starting Openswan IPsec 2.1.1...
ipsec_setup: Using /lib/modules/2.4.21-9.0.1.EL/kernel/ipsec.o

[root at platoon etc]# tail -f /var/log/messages
Mar 26 17:46:09 platoon ipsec_setup: Starting Openswan IPsec 2.1.1...
Mar 26 17:46:09 platoon kernel: klips_info:ipsec_init: KLIPS startup, 
FreeS/WAN IPSec version: 2.1.1
Mar 26 17:46:09 platoon ipsec_setup: Using 
/lib/modules/2.4.21-9.0.1.EL/kernel/ipsec.o
Mar 26 17:46:09 platoon ipsec_setup: KLIPS debug `none'
Mar 26 17:46:09 platoon kernel:
Mar 26 17:46:09 platoon /etc/hotplug/net.agent: invoke ifup ipsec0
Mar 26 17:46:09 platoon /etc/hotplug/net.agent: invoke ifup ipsec1
Mar 26 17:46:09 platoon ipsec_setup: KLIPS ipsec0 on eth0 
111.111.111.35/255.255.255.0 broadcast 111.111.111.255
Mar 26 17:46:09 platoon /etc/hotplug/net.agent: invoke ifup ipsec3
Mar 26 17:46:09 platoon /etc/hotplug/net.agent: invoke ifup ipsec2
Mar 26 17:46:09 platoon ipsec_setup: ...Openswan IPsec started
Mar 26 17:46:10 platoon ipsec__plutorun: ipsec_auto: fatal error in 
"packetdefault": %defaultroute requested but not known
Mar 26 17:46:10 platoon ipsec__plutorun: ipsec_auto: fatal error in 
"block": %defaultroute requested but not known
Mar 26 17:46:10 platoon ipsec__plutorun: ipsec_auto: fatal error in 
"clear-or-private": %defaultroute requested but not known
Mar 26 17:46:10 platoon ipsec__plutorun: ipsec_auto: fatal error in 
"clear": %defaultroute requested but not known
Mar 26 17:46:10 platoon ipsec__plutorun: ipsec_auto: fatal error in 
"private-or-clear": %defaultroute requested but not known
Mar 26 17:46:10 platoon ipsec__plutorun: ipsec_auto: fatal error in 
"private": %defaultroute requested but not known
Mar 26 17:46:10 platoon ipsec__plutorun: 021 no connection named 
"packetdefault"
Mar 26 17:46:10 platoon ipsec__plutorun: ...could not route conn 
"packetdefault"
Mar 26 17:46:10 platoon ipsec__plutorun: 021 no connection named "block"
Mar 26 17:46:10 platoon ipsec__plutorun: ...could not route conn "block"
Mar 26 17:46:10 platoon ipsec__plutorun: 021 no connection named 
"clear-or-private"
Mar 26 17:46:10 platoon ipsec__plutorun: ...could not route conn 
"clear-or-private"
Mar 26 17:46:10 platoon ipsec__plutorun: 021 no connection named "clear"
Mar 26 17:46:10 platoon ipsec__plutorun: ...could not route conn "clear"
Mar 26 17:46:11 platoon ipsec__plutorun: 021 no connection named 
"private-or-clear"
Mar 26 17:46:11 platoon ipsec__plutorun: ...could not route conn 
"private-or-clear"
Mar 26 17:46:11 platoon ipsec__plutorun: 021 no connection named "private"
Mar 26 17:46:11 platoon ipsec__plutorun: ...could not route conn "private"
Mar 26 17:46:11 platoon ipsec__plutorun: 104 "conntest" #1: STATE_MAIN_I1: 
initiate
Mar 26 17:46:11 platoon ipsec__plutorun: ...could not start conn "conntest"
------------------------------------------------------------------------------------------------------------------------------------------------------------------------

With ipsec auto --status I sow that the SA was established. Now the 
interface ipsec0 goes up ... BUT ... the result is the same.
I haven't the route to the other lan by ipsec0 device.
I tried do add it ... but packets don't go to the other side.

With tcpdump i -ipsec0 I can see only my lan request. Iptables' rules are 
OK on the two side, I'm sure of this. At the other side (lan with 
superfreeswan gw) it's the same.

Could you help me on one of the two ways?
{
1. klips included in the kernel
2. openswan module
}

Thanks !!!
Bye, Morgan 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20040326/81d73c55/attachment-0001.htm


More information about the Users mailing list