[Openswan Users] 021 no connection named "net-to-net"

Srdjan Vlahovic srleiqnet at hotmail.com
Mon Oct 17 15:59:23 CEST 2005 

Hello,

Trying to setup VPN using Openswan U2.2.0/K2.6.8-24.18 under SuSE Server 9. 
Followed the instructions on wiki.openswan.org (can't put the exact URL as 
Wiki has been down for a while). I am not able to get passed the message 
listed in a subject.

During the machine bootup, I get the following errors in log:
#/var/log/messages:
ipsec__plutorun: Starting Pluto subsystem...
ipsec__plutorun: /usr/lib/ipsec/_plutorun: line 215: /usr/lib/ipsec/pluto: 
No such file or directory
ipsec_setup: ...Openswan IPsec started
ipsec__plutorun: pluto unexpectedly said `exit'
ipsec__plutorun: pluto unexpectedly said `127'
ipsec__plutorun: pluto died unexpectedly!?!
ipsec__plutorun: internal failure in pluto scripts, impossible to carry on
pluto[8741]: Starting Pluto (Openswan Version 2.2.0 X.509-1.5.4 
PLUTO_USES_KEYRR)

I start it manually with 'ipsec pluto' command, and I start the listener 
with 'ipsec whack --listen'. After that 'ipsec verify' shows all OK, but 
when I do 'ipsec auto --up net-to-net' I am getting the error mentioned 
above (021 no connection named "net-to-net"). After google-ing it seems the 
format of my /etc/ipsec.conf is incorrect, but I can't see what's wrong with 
it (tried to keep it as small as possible):
#/etc/ipsec.conf
version 2.0

config setup
        interfaces=ipsec0=eth0
        klipsdebug=none
        plutodebug=none
        #plutoload=%search
        #plutostart=%search
        plutowait=yes
        uniqueids=yes
        nat_traversal=yes

conn %default
        keyingtries=1
        compress=yes
        disablearrivalcheck=no
        leftrsasigkey=%cert
        rightrsasigkey=%cert
        authby=rsasig

conn net-to-net
        left=xxx.xxx.xxx.xxx
        leftsubnet=192.168.200.0/24
        leftid=@admin.left.com
        leftrsasigkey=[keyid AQNzm6osD...]
        leftnexthop=%defaultroute
        right=xxx.xxx.xxx.xxx
        rightsubnet=192.168.220.0/24
        rightid=@admin.right.com
        rightrsasigkey=[keyid AQNywGNCs...]
        rightnexthop=%defaultroute
        auto=start
--------

Can someone point me in the right direction, and also if someone could tell 
me what is the _minimum_ information required in /etc/ipsec.conf? Strange 
thing is that I get the exact same error even if I rename /etc/ipsec.conf, 
so I'm not even sure if IPsec is reading that file or not.

Thanks and regards, Srdjan

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

More information about the Users mailing list