[Openswan Users] Problem in Configuring Openswan on RH9.0

bhavesh.shah at gatewaytechnolabs.com bhavesh.shah at gatewaytechnolabs.com
Mon Nov 7 06:51:50 CET 2005 

Dear Friends,

I am having two redhat 9.0 boxes having following conf:

hostname: tobias
IP: one live IP & 192.168.1.253


kernel: 2.4.20-30.9.openswan_1.0.3_1 
http://www.openswan.org/download/binaries/redhat/9/i386/RPMS/i686/kernel-2.4
.20-30.9.openswan_1.0.3_1.i686.rpm

Openswan:
(installed from the URL:
http://www.openswan.org/download/binaries/redhat/9/i386/RPMS/i386/openswan-2
.2.0-1rh9.i386.rpm

The same is the setup of another Linux box named yayati
IP: one live IP & 192.168.1.26

The live IPs on both the machine belongs to same subnet and having netmask
255.255.255.240

Now after installing the Openswan when I ran

#ipsec verify

it gave;

Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                         [OK]
Linux Openswan U2.2.0/K(no kernel code presently loaded)
Checking for IPsec support in kernel                                   
[FAILED]
Checking for RSA private key (/etc/ipsec.secrets)                       [OK]
Checking that pluto is running                                         
[FAILED]
whack: Pluto is not running (no "/var/run/pluto.ctl")
Two or more interfaces found, checking IP forwarding                   
[FAILED]
whack: Pluto is not running (no "/var/run/pluto.ctl")
Checking NAT and MASQUERADEing                                         
[N/A]
whack: Pluto is not running (no "/var/run/pluto.ctl")
Checking for 'ip' command                                               [OK]
Checking for 'iptables' command                                         [OK]
 
Opportunistic Encryption DNS checks:
   Looking for TXT in forward dns zone: tobias.test1.cxm               
[MISSING]
   Does the machine have at least one non-private address?              [OK]
   Looking for TXT in reverse dns zone: 152.103.131.202.in-addr.arpa.  
[MISSING]

On both the systems....initially everything was fine but when I restarted
ipsec using

#service ipsec restart

it gave;

ipsec_setup: /usr/libexec/ipsec/eroute: pfkey write failed, returning -1
with errno=22.

Anticipating some remedy to this...problem

Thanking you in advance!

Regards,
Bhavesh.

--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .

More information about the Users mailing list