[Openswan Users] ipsec needed restart

sasa sasa at shoponweb.it
Tue Nov 8 10:34:33 CET 2005 

Hi, I use on Fedora Core 1 and kernel 2.4.22 the openswan 2.3.1-21 version 
but I have a problem that it forces to me to restart the service ipsec.
My ipsec.conf is:

config setup
interfaces="ipsec0=eth0"
nat_traversal=yes

conn %default
authby=secret

conn left-road
auto=add
authby=secret
pfs=no
type=transport
left=1.2.3.4
leftnexthop=1.2.3.5
leftprotoport=17/1701
right=%any
rightprotoport=17/1701
include /etc/ipsec.d/examples/no_oe.conf

.. when restart ipsec service I have:

[root at test2 root]# service ipsec restart
ipsec_setup: Stopping Openswan IPsec...
ipsec_setup: Attempt to shut Pluto down failed!  Trying kill:
ipsec_setup: /usr/lib/ipsec/_realsetup: line 1: kill: (28664) - No such 
process
ipsec_setup: Starting Openswan IPsec Ucvs2002Mar11_19:19:03/K2.1.2rc3..

..in the log file:

Nov  7 17:41:51 test2 pluto[28664]: "left-road"[6] x.x.x.x #1071: Can't 
authenticate: no preshared key found for `1.2.3.4' and `%any'.  Attribute 
OAKLEY_AUTHENTICATION_METHOD
Nov  7 17:41:51 test2 last message repeated 2 times
Nov  7 17:41:51 test2 pluto[28664]: "left-road"[6] x.x.x.x #1071: 
OAKLEY_DES_CBC is not supported.  Attribute OAKLEY_ENCRYPTION_ALGORITHM
Nov  7 17:41:51 test2 pluto[28664]: "left-road"[6] 81.174.38.254 #1071: 
OAKLEY_DES_CBC is not supported.  Attribute OAKLEY_ENCRYPTION_ALGORITHM
Nov  7 17:41:51 test2 pluto[28664]: "left-road"[6] x.x.x.x #1071: no 
acceptable Oakley Transform
Nov  7 17:41:51 test2 pluto[28664]: "left-road"[6] x.x.x.x #1071: sending 
notification NO_PROPOSAL_CHOSEN to x.x.x.x:500
Nov  7 17:41:51 test2 pluto[28664]: "left-road"[6] x.x.x.x #1071: failed to 
build notification for spisize=0

thanks.

------
Salvatore.

More information about the Users mailing list