[Openswan Users] Wildcards in ID_DER_ASN1_DN (rightid)
Kevan Benson
kbenson at a-1networks.com
Wed Dec 14 15:34:04 CET 2005
On Wednesday 14 December 2005 12:56, Paul Wouters wrote:
> > I actually tried that shortly after posting, and it seems that it kills
> > pluto.
>
> Can you use 2.4.5dr3 and give us a trace on that?
>
> enable in ipsec.conf:
>
> dumpdir=/tmp
> plutorestartoncrash=no
>
> crash pluto and please give us a backtrace of the core in /tmp/
Hmm, seems that because I had right=192.168.167.100 pluto was crashing, as
after I set it to right=%any I could initiate the tunnel frmo the other side.
This is still with Openswan 2.4.0. I'll try to upgrade to the suggested
version and see if the bug still exists.
As a side, I thought it might have been related to my having the connection
defined with a %any for the right in ipsec.secrets but not ipsec.conf, but it
crashes pluto if it's statically defined or says %any in ipsec.secrets every
time I initiate a connection from the right and right=192.168.167.100 instead
of right=%any in ipsec.conf. Just mentioning it in case it makes it easier
to track down...
Now, off to install 2.4.5.dr3.
--
Kevan Benson
A-1 Networks
More information about the Users
mailing list