[Openswan Users] Openswan on FC3
Eduardo Detrell
edetrell at fain.es
Fri Jul 29 13:36:44 CEST 2005
Hello:
I checked the leftip and discover a error. I corrected.
Now, when I try ipsec auto --up piolin, nothing answer to me.
I'm trying to check another side of connection. In this side is Linux
FreeS/WAN 2.05 working with several server with the same/older version.
Thanks a lot.
Regards.
----- Original Message -----
From: "Eduardo Detrell" <edetrell at fain.es>
To: <trevor-os at thennion.demon.co.uk>
Cc: <users at openswan.org>
Sent: Friday, July 29, 2005 11:59 AM
Subject: Re: [Openswan Users] Openswan on FC3
> Hello:
>
> Well. I see a different answers:
>
> [root at piolin ~]# ipsec auto --add piolin
> [root at piolin ~]# ipsec auto --up piolin
> 104 "piolin" #1: STATE_MAIN_I1: initiate
> 010 "piolin" #1: STATE_MAIN_I1: retransmission; will wait 20s for response
> 010 "piolin" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> 010 "piolin" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> 010 "piolin" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> 010 "piolin" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> 010 "piolin" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> 010 "piolin" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> 010 "piolin" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> 010 "piolin" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> .............
>
> Regards.
>
>
> ----- Original Message -----
> From: "Trevor Hennion" <trevor-os at thennion.demon.co.uk>
> To: <users at openswan.org>
> Sent: Friday, July 29, 2005 9:29 AM
> Subject: Re: [Openswan Users] Openswan on FC3
>
>
>> Eduardo,
>>
>> I can't see an 'auto' line for your 'piolin' conn block.
>> Therefore you need to do:
>> ipsec auto --add piolin
>> before you do
>> ipsec auto -- up piolin
>> or
>> add 'auto = add' or 'auto=start' if its not a roadwarrior connection.
>>
>> HTH
>>
>> Regards
>>
>> Trevor Hennion
>> http://www.infocentrality.co.uk
>>
>>
>> On Friday 29 July 2005 07:34, Eduardo Detrell wrote:
>>> Hello:
>>>
>>> This are some lines in the file /etc/ipsec.conf:
>>>
>>> version 2.0 # conforms to second version of ipsec.conf specification
>>>
>>> # basic configuration
>>> config setup
>>> # Debug-logging controls: "none" for (almost) none, "all" for
>>> lots. # klipsdebug=all
>>> # plutodebug=dns
>>> #interfaces=%defaultroute
>>> interfaces="ipsec0=eth2"
>>> klipsdebug=none
>>> plutodebug=none
>>> # plutoload=%search
>>> # plutostart=%search
>>> # keyingtries=0
>>>
>>> # Add connections here.
>>>
>>> conn piolin
>>> left=AAA.BBB.CCC.DDD
>>> leftnexthop=192.168.1.2
>>> leftsubnet=192.168.0.0/16
>>> right=192.168.101.1
>>> rightnexthop=192.168.101.254
>>> rightsubnet=192.168.100.0/16
>>> spi=.....
>>> esp=.......
>>> espenckey=...........................................
>>> espauthkey=............................................
>>>
>>> #Disable Opportunistic Encryption
>>> include /etc/ipsec.d/examples/no_oe.conf
>>>
>>> Thanks.
>>>
>>> Regards.
>>> ----- Original Message -----
>>> From: Michael Stelluti
>>> To: Eduardo Detrell
>>> Cc: users at openswan.org
>>> Sent: Thursday, July 28, 2005 8:14 PM
>>> Subject: Re: [Openswan Users] Openswan on FC3
>>>
>>>
>>> Eduardo Detrell wrote:
>>> Hello:
>>>
>>> This is the anwer of it:
>>>
>>> [root at piolin ~]# ipsec auto --up piolin
>>> 021 no connection named "piolin"
>>>
>>> This connection is named in /etc/ipsec.conf.
>>>
>>> Thanks for your help.
>>>
>>> Regards.
>>> ----- Original Message -----
>>> From: Michael Stelluti
>>> To: Eduardo Detrell
>>> Cc: users at openswan.org
>>> Sent: Thursday, July 28, 2005 7:02 PM
>>> Subject: Re: [Openswan Users] Openswan on FC3
>>>
>>>
>>> Eduardo Detrell wrote:
>>> Hello:
>>>
>>> When I try to up a tunnel with this command:"ipsec manual --up
>>> piolin" the system answer me: ipsec manual: fatal error in "piolin": no
>>> IPsec-enabled interfaces found"
>>>
>>> I test de installation:
>>>
>>> [root at piolin ~]# ipsec verify
>>> Checking your system to see if IPsec got installed and started
>>> correctly: Version check and ipsec on-path
>>> [OK] Linux Openswan U2.3.1/K2.6.11-1.35_FC3smp (netkey)
>>> Checking for IPsec support in kernel
>>> [OK] Checking for RSA private key (/etc/ipsec.secrets)
>>> [OK]
>>> Checking that pluto is running [OK] Two
>>> or more interfaces found, checking IP forwarding [OK]
>>> Checking
>>> NAT and MASQUERADEing [OK] Checking for
>>> 'ip' command [OK] Checking for
>>> 'iptables' command [OK] Checking for
>>> 'setkey' command for NETKEY IPsec stack support [OK] Opportunistic
>>> Encryption Support [DISABLED]
>>>
>>> Please, anybody can help me?. Thanks.
>>>
>>> Regards.
>>> ------------------------------------------------------------------------
>>> _______________________________________________
>>> Users mailing list
>>> Users at openswan.org
>>> http://lists.openswan.org/mailman/listinfo/users
>>> The correct command to manually initiate your connection is "ipsec
>>> auto
>>> --up piolin".
>>>
>>> -------------------------------------------------------------------------
>>>--- _______________________________________________
>>> Users mailing list
>>> Users at openswan.org
>>> http://lists.openswan.org/mailman/listinfo/users
>>> this line [ 021 no connection named "piolin" ] tells me that the name
>>> piolin is not the correct name in the ipsec.conf file, but you say it
>>> is.
>>> can you send a copy of your conn file. the name for the connection
>>> should be whatever you put after the word conn in your file.
>> _______________________________________________
>> Users mailing list
>> Users at openswan.org
>> http://lists.openswan.org/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
More information about the Users
mailing list