[Openswan Users] No ipsecN in 2.6 kernel (good one)
Miguel A. Amable V.
amable at cieta.net
Tue Feb 15 21:10:29 CET 2005
Hello everyone,
I am trying to set up a vpn with one linux fc3 on the left and one sonicwall on
the right in a manually keyed connection.
typing in the shell for the openswan installed it shows the following:
[root at vpn ipsec.d]# rpm -qa | grep swan
openswan-2.3.0-2
openswan-klips-2.3.0-2.6.9_1.724_FC3_1
openswan-doc-2.3.0-1
the kernel is kernel-2.6.9-1.667 and it has the support in ipsec compiled as a
module for FC3
when I type the command:
[root at vpn ipsec.d]# ipsec manual --up vpntunnel
ipsec manual: fatal error in "vpntunnel": no IPsec-enabled interfaces found
it shows the above error.
I know that the 2.6 kernel don't use the interface ipsecN but what if I disable
the ipsec options compiled as a kernel module so the
installed binary openswan 2.3.0 will then begin to use its own ipsec stack hence
will I have then the ipsecN interface and avoid the above error?
Now I am compiling the kernel without the ah and esp options and will see what
happens but what if that doesn't work? would anyone give me any options?
Thank You in advance.
Below you can see my config file /etc/ipsec.conf:
config setup
interfaces="ipsec0=ppp0"
klipsdebug=all
plutodebug=all
conn vpntunnel
# left security gateway (public-network address)
left=a.b.c.d
# next hop to reach right
leftnexthop=d.s.l.g
# subnet behind left (omit if left end of the tunnel is just the s.g.)
leftsubnet=172.16.3.0/24
# right s.g., subnet behind it, and next hop to reach left
right=e.f.g.h
rightsubnet=172.16.4.0/24
# (manual) SPI number
spi=[hexnumber]
# (manual) encryption/authentication algorithm and parameters to it
esp=3des-md5-96
espenckey=[secret_key]
espauthkey=[auth_key]
--
Miguel Ángel Amable Ventura
----------------------------------------------------------------------
Tecnologías de Información http://cieta.net
More information about the Users
mailing list