[Openswan Users] Openswan on FC3
Trevor Hennion
trevor-os at thennion.demon.co.uk
Fri Jul 29 09:29:45 CEST 2005
Eduardo,
I can't see an 'auto' line for your 'piolin' conn block.
Therefore you need to do:
ipsec auto --add piolin
before you do
ipsec auto -- up piolin
or
add 'auto = add' or 'auto=start' if its not a roadwarrior connection.
HTH
Regards
Trevor Hennion
http://www.infocentrality.co.uk
On Friday 29 July 2005 07:34, Eduardo Detrell wrote:
> Hello:
>
> This are some lines in the file /etc/ipsec.conf:
>
> version 2.0 # conforms to second version of ipsec.conf specification
>
> # basic configuration
> config setup
> # Debug-logging controls: "none" for (almost) none, "all" for
> lots. # klipsdebug=all
> # plutodebug=dns
> #interfaces=%defaultroute
> interfaces="ipsec0=eth2"
> klipsdebug=none
> plutodebug=none
> # plutoload=%search
> # plutostart=%search
> # keyingtries=0
>
> # Add connections here.
>
> conn piolin
> left=AAA.BBB.CCC.DDD
> leftnexthop=192.168.1.2
> leftsubnet=192.168.0.0/16
> right=192.168.101.1
> rightnexthop=192.168.101.254
> rightsubnet=192.168.100.0/16
> spi=.....
> esp=.......
> espenckey=...........................................
> espauthkey=............................................
>
> #Disable Opportunistic Encryption
> include /etc/ipsec.d/examples/no_oe.conf
>
> Thanks.
>
> Regards.
> ----- Original Message -----
> From: Michael Stelluti
> To: Eduardo Detrell
> Cc: users at openswan.org
> Sent: Thursday, July 28, 2005 8:14 PM
> Subject: Re: [Openswan Users] Openswan on FC3
>
>
> Eduardo Detrell wrote:
> Hello:
>
> This is the anwer of it:
>
> [root at piolin ~]# ipsec auto --up piolin
> 021 no connection named "piolin"
>
> This connection is named in /etc/ipsec.conf.
>
> Thanks for your help.
>
> Regards.
> ----- Original Message -----
> From: Michael Stelluti
> To: Eduardo Detrell
> Cc: users at openswan.org
> Sent: Thursday, July 28, 2005 7:02 PM
> Subject: Re: [Openswan Users] Openswan on FC3
>
>
> Eduardo Detrell wrote:
> Hello:
>
> When I try to up a tunnel with this command:"ipsec manual --up
> piolin" the system answer me: ipsec manual: fatal error in "piolin": no
> IPsec-enabled interfaces found"
>
> I test de installation:
>
> [root at piolin ~]# ipsec verify
> Checking your system to see if IPsec got installed and started
> correctly: Version check and ipsec on-path
> [OK] Linux Openswan U2.3.1/K2.6.11-1.35_FC3smp (netkey)
> Checking for IPsec support in kernel
> [OK] Checking for RSA private key (/etc/ipsec.secrets) [OK]
> Checking that pluto is running [OK] Two
> or more interfaces found, checking IP forwarding [OK] Checking
> NAT and MASQUERADEing [OK] Checking for
> 'ip' command [OK] Checking for
> 'iptables' command [OK] Checking for
> 'setkey' command for NETKEY IPsec stack support [OK] Opportunistic
> Encryption Support [DISABLED]
>
> Please, anybody can help me?. Thanks.
>
> Regards.
> ------------------------------------------------------------------------
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> The correct command to manually initiate your connection is "ipsec auto
> --up piolin".
>
> -------------------------------------------------------------------------
>--- _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> this line [ 021 no connection named "piolin" ] tells me that the name
> piolin is not the correct name in the ipsec.conf file, but you say it is.
> can you send a copy of your conn file. the name for the connection
> should be whatever you put after the word conn in your file.
More information about the Users
mailing list