[Openswan Users] Openswan+Ipv6 probem....again....

Gessler Gerhard Gessler at iabg.de
Fri May 14 08:39:05 CEST 2004


Hi Mathieu,
 
at first look, your global IPv6 address configuration seems to be not
correct. According to your ifconfig output, the prefix length is 0. A
prefix length of 64 seems to me more appropriate. Second, the prefix
length for your link local address is 64. That is quite wired as I would
normaly assume to be it 10. Third, as Mikael already pointed out, it
could well be that Pluto does not like the fact that no IPv4 address is
assigned to the interface. If you only want to work with IPv6, it does
not hurt to have an (e.g. private) IPv4 address assigned.
 
How do yo (in the current example) try to setup your SA? (1) With
configuration in ipsec.conf (after having applied Mikaels patches) or
(2) with a manual command to Whack and Pluto. In both cases, we would
need to have the used configuration to help you further.
 
Cheers,
 
    Gerhard
 

--------------------------------------------
Gerhard Gessler

Communication Networks, IABG mbH
Einsteinstr. 20
85521 Ottobrunn, Germany

Telefon: +49 89 6088 - 2021
Fax: +49 89 6088 - 2845

E-Mail: gessler at iabg.de 

	-----Original Message-----
	From: users-bounces at lists.openswan.org
[mailto:users-bounces at lists.openswan.org] On Behalf Of zze-DURBEC
Mathieu FTRD/DTL/ISS
	Sent: Thursday, May 13, 2004 4:41 PM
	To: users at lists.openswan.org
	Subject: [Openswan Users] Openswan+Ipv6 probem....again....
	
	

	Hi, 
	I've been trying for days to set up OpenSWAN with IPv6
support... 
	So, I'am using the 2.1.1 version patched with Mikael
Magnusson'patch.. 
	It doesn't seem to work with ipv6  :,-( 
	Here's my config 

	Ifconfig : 

	eth0    Lien encap:Ethernet  HWaddr 08:00:46:A8:E2:3B  
	          adr inet6: 2001:688:1f8b:a000::1/0 Scope:Global 
	          adr inet6: fe80::a00:46ff:fea8:e23b/64 Scope:Lien 
	          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1 
	          RX packets:3530 errors:0 dropped:0 overruns:0 frame:0 
	          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0 
	          collisions:0 lg file transmission:100 
	          RX bytes:211800 (206.8 Kb)  TX bytes:964 (964.0 b) 
	          Interruption:11 Adresse de base:0x2000 

	Route : 

	Table de routage IPv6 du noyau 
	Destination                                 Prochain Hop
Indic Metric Ref    Utilis. Iface 
	::1/128                                     ::
U     0      11       1 lo      
	2001:688:1f8b:a000::1/128                   ::
U     0      3        0 lo      
	fe80::209:5bff:fe1e:791/128                 ::
U     0      0        0 lo      
	fe80::a00:46ff:fea8:e23b/128                ::
U     0      0        0 lo      
	fe80::/64                                   ::
UA    256    0        0 eth0    
	fe80::/64                                   ::
UA    256    0        0 eth1    
	ff00::/8                                    ::
UA    256    0        0 eth0    
	ff00::/8                                    ::
UA    256    0        0 eth1    
	::/0                                        ::
UDA   256    0        0 eth0    
	::/0                                        ::
UDA   256    0        0 eth1    

	And ipsec.conf 

	# /etc/ipsec.conf - FreeS/WAN IPsec configuration file 
	# RCSID $Id: ipsec.conf.in,v 1.11 2003/06/13 23:28:41 sam Exp $ 

	# This file:  /usr/local/share/doc/freeswan/ipsec.conf-sample 
	# 
	# Manual:     ipsec.conf.5 
	# 

	version 2.0     # conforms to second version of ipsec.conf
specification 

	# basic configuration 
	config setup 
	        forwardcontrol=yes 
	        interfaces="ipsec0=eth0" 
	        uniqueids=yes 
	        # Debug-logging controls:  "none" for (almost) none,
"all" for lots. 
	        klipsdebug=all 
	        plutodebug=all 
	        syslog=syslog.debug 


	Does someone manage to make it work ??? 

	Thanks 

	Matt 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20040514/ecd00fc8/attachment-0001.htm


More information about the Users mailing list