[Openswan Users] Wildcards in ID_DER_ASN1_DN (rightid)

Kevan Benson kbenson at a-1networks.com
Wed Dec 14 15:34:04 CET 2005

On Wednesday 14 December 2005 12:56, Paul Wouters wrote:
> > I actually tried that shortly after posting, and it seems that it kills
> > pluto.
> Can you use 2.4.5dr3 and give us a trace on that?
> enable in ipsec.conf:
>         dumpdir=/tmp
>         plutorestartoncrash=no
> crash pluto and please give us a backtrace of the core in /tmp/

Hmm, seems that because I had right= pluto was crashing, as 
after I set it to right=%any I could initiate the tunnel frmo the other side.  
This is still with Openswan 2.4.0.  I'll try to upgrade to the suggested 
version and see if the bug still exists.

As a side, I thought it might have been related to my having the connection 
defined with a %any for the right in ipsec.secrets but not ipsec.conf, but it 
crashes pluto if it's statically defined or says %any in ipsec.secrets every 
time I initiate a connection from the right and right= instead 
of right=%any in ipsec.conf.  Just mentioning it in case it makes it easier 
to track down...

Now, off to install 2.4.5.dr3.

Kevan Benson
A-1 Networks

More information about the Users mailing list