[Openswan Users] ipsec__pluto could not start connection

takeuchiyui at nttdata.co.jp takeuchiyui at nttdata.co.jp
Mon May 9 17:30:26 CEST 2005 

I would like to connect two machines with IPsec.

However, ipsec__pluto could not start connection.

Are there anything wrong with the description of ipsec.conf?

OS: Redhat Linux9,kernel:2.4.20_8 

Application: 
freeswan-userland-2.06_2.4.20_8-0.i386.rpm 
freeswan-module-2.06_2.4.20_8-0.i386.rpm 

Network:
        machineA---Hub----machineB
      192.168.10.1             192.168.10.2

------------error message--------------

Apr 28 19:35:18 IBM 4月 28 19:35:18 ipsec_setup: Starting FreeS/WAN IPsec 2.
06... 
Apr 28 19:35:18 IBM kernel: klips_info:ipsec_init: KLIPS startup, FreeS/WAN
IPSec version: 2.06 
Apr 28 19:35:18 IBM /etc/hotplug/net.agent: invoke ifup ipsec0 
Apr 28 19:35:18 IBM 4月 28 19:35:18 ipsec_setup: Using
/lib/modules/2.4.20-8/kernel/net/ipsec/ipsec.o 
Apr 28 19:35:18 IBM /etc/hotplug/net.agent: invoke ifup ipsec3 
Apr 28 19:35:18 IBM /etc/hotplug/net.agent: invoke ifup ipsec1 
Apr 28 19:35:18 IBM ipsec_setup: KLIPS debug `none' 
Apr 28 19:35:18 IBM /etc/hotplug/net.agent: invoke ifup ipsec2 
Apr 28 19:35:18 IBM kernel: 
Apr 28 19:35:18 IBM ipsec_setup: KLIPS ipsec0 on eth0
192.168.10.1/255.255.255.0 broadcast 192.168.10.255 
Apr 28 19:35:18 IBM ipsec_setup: ...FreeS/WAN IPsec started 
Apr 28 19:35:19 IBM ipsec__plutorun: 104 "sample" #1: STATE_MAIN_I1:
initiate 
Apr 28 19:35:19 IBM ipsec__plutorun: ...could not start conn "sample" 

-----------ipsec.conf-----------------

# /etc/ipsec.conf - FreeS/WAN IPsec configuration file 
# RCSID $Id: ipsec.conf.in,v 1.11 2003/06/13 23:28:41 sam Exp $ 

# This file: /usr/local/share/doc/freeswan/ipsec.conf-sample 
# 
# Manual: ipsec.conf.5 
# 
# Help: 
# http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/quickstart.html 
# http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/config.html 
# http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/adv_config.html 
# 
# Policy groups are enabled by default. See: 
# http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/policygroups.html

# 
# Examples: 
# http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/examples 


version 2.0 # conforms to second version of ipsec.conf specification 

# basic configuration line22 
config setup 
# Debug-logging controls: "none" for (almost) none, "all" for lots. 
interfaces="ipsec0=eth0" 
klipsdebug=none 
plutodebug=none 
#plutoload=%search 
#plutostart=%search 

# defaults for subsequent connection descriptions 

conn %default 
type=tunnel 
right=192.168.10.1 
authby=rsasig 
rightrsasigkey=0sAQOXcMG0Qg0907Gr8oeKQifnOs/ 
... 
/a2tlKfyh84kKvOZnGYWguWvW2r2mLxmoOfqnPPew== 
pfs=no 

# Add connections here. line 29 

# sample VPN connection 
conn sample 
left=192.168.10.2 
leftrsasigkey=0sAQPOKXh8CphXUJFWehvnkYam7+ 
.... 
+Za8LAmTk2h5nxr45anp2UxtDvqrCIJzeL9z5is82W2WOQ== 
auto=start 

# 
conn block 
auto=ignore 
conn private 
auto=ignore 
conn private-or-clear 
auto=ignore 
conn clear-or-private 
auto=ignore 
conn clear 
auto=ignore 
conn packetdefault 
auto=ignore 

Yoichi Takeuchi

E-mail: takeuchiyui at nttdata.co.jp

More information about the Users mailing list