[Openswan Users] problem using openswan on gentoo linux.

Jens-Uwe Katolla katolla at otris.de
Sun Oct 2 22:48:14 CEST 2005 

> On Sun, 2 Oct 2005, Jens-Uwe Katolla wrote:
>
>> i was successfully using openswan a while on a gentoo linux system. But
now after some updates to the system i have problems starting it.
>>
>> The logfile /var/log/messages says:
>>
>> Oct  2 13:43:08 amd64 ipsec__plutorun: Starting Pluto subsystem... Oct 
2 13:43:08 amd64 ipsec__plutorun: awk: cmd. line:52:       function
default(k, val) {
>
> you got a new ack which was compiled with the keyword 'default'. Either
upgrade openswan or edit /usr//libexec/ipsec/auto and change the
function 'default' to 'openswan_default'.
done this. Now it starts again, but tunnel did not establish, are there
important changes in config from 2.3.x to 2.4.x ?

log says:

Oct  2 21:38:28 amd64 pluto[5517]: "otrisnet-juknet" #1: initiating Main
Mode Oct  2 21:38:28 amd64 pluto[5517]: "otrisnet-juknet" #1: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set to=108
Oct  2 21:38:28 amd64 pluto[5517]: "otrisnet-juknet" #1: enabling possible
NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct  2 21:38:28 amd64 pluto[5517]: "otrisnet-juknet" #1: transition from
state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct  2 21:38:28 amd64 pluto[5517]: "otrisnet-juknet" #1: STATE_MAIN_I2:
sent MI2, expecting MR2
Oct  2 21:38:28 amd64 pluto[5517]: "otrisnet-juknet" #1: NAT-Traversal:
Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed
Oct  2 21:38:28 amd64 pluto[5517]: "otrisnet-juknet" #1: I am sending my
cert Oct  2 21:38:28 amd64 pluto[5517]: "otrisnet-juknet" #1: I am sending
a certificate request
Oct  2 21:38:28 amd64 pluto[5517]: "otrisnet-juknet" #1: transition from
state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct  2 21:38:28 amd64 pluto[5517]: "otrisnet-juknet" #1: STATE_MAIN_I3:
sent MI3, expecting MR3
Oct  2 21:38:28 amd64 pluto[5517]: packet from xxx.xxx.xxx.xxx:4500:
Informational Exchange is for an unknown (expired?) SA

and than it hangs... i changed nothing in the config files... before the
updates everything was ok. Maybe i try switching back to 2.3.1 since i now
know what to change for this "default" issue.

>
>> I am using openswan-2.4.0 (also tried 2.4.1dr1 and 2.3.1) and gawk GNU
Awk 3.1.4 Copyright (C) 1989, 1991-2003 Free Software Foundation.
>
> Really? This should have been fixed in 2.4.x. I'll double check that for
2.4.2.
yes:

Starting Pluto (Openswan Version 2.4.1dr1 X.509-1.5.4 PLUTO_SENDS_VENDORID
PLUTO_USES_KEYRR; Vendor ID OEVrxNnzrRMV)

thanks.
-- 
Jens-Uwe Katolla                         katolla at otris.de

otris software AG                        http://www.otris.de
Landgrafenstr. 153                       Fon  +49 (0)231  95 80 69 -0
D-44139 Dortmund                         Fax  +49 (0)231  95 80 69 -44

More information about the Users mailing list