[Openswan Users] stinghorn patched openswan 2.3.0 IPSEC
Agent Smith
news8080 at yahoo.com
Wed Sep 21 16:51:30 CEST 2005
here we go,
(I've tried it with 3 different klips code including
2.3.0 patch from openswan website and it still has
same error message when I restart ipsec)
# uname -a
Linux l2tpgw 2.4.31OSW2431 #2 SMP Wed Sep 14 19:04:58
EDT 2005 i686 i686 i386 GNU/Linux
# ipsec version
Linux Openswan U2.3.0/K2.4.1dr1 (klips)
See `ipsec --copyright' for copyright information.
[root at l2tpgw openswan-2.3.0.patched-with-stinghorn]#
cat ipsec.conf /tmp/a
version 2.0 # conforms to second version of
ipsec.conf specification
config setup
klipsdebug=none
plutodebug=none
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
interfaces=%defaultroute
conn %default
keyingtries=1
auto=add
disablearrivalcheck=no
pfs=no
ike=3des-md5,aes128-md5,aes128-sha
esp=3des-md5,aes128-md5,aes128-sha1
leftrsasigkey=%dnsondemand
leftnexthop=%defaultroute
rightrsasigkey=%dnsondemand
conn L2TP-CERT-WIN2kXP
type=tunnel
authby=rsasig
left=10.9.3.32
leftrsasigkey=%cert
leftcert=host.example.com.pem
leftprotoport=17/1701
right=%any
rightsubnet=vhost:%all
rightprotoport=17/1701
rightrsasigkey=%cert
conn L2TP-CERT-MACOSX-PT
type=tunnel
authby=rsasig
left=10.9.3.32
leftrsasigkey=%cert
leftcert=host.example.com.pem
leftprotoport=17/1701
right=%any
rightsubnet=vhost:%all
rightprotoport=17/%any
rightrsasigkey=%cert
include /etc/ipsec.d/examples/no_oe.conf
Sep 21 23:46:33 l2tpgw ipsec_setup: KLIPS ipsec0 on
eth1 10.9.3.32/255.255.255.0 broadcast 10.9.3.255
Sep 21 23:46:33 l2tpgw ipsec_setup: ...Openswan IPsec
started
Sep 21 23:46:33 l2tpgw ipsec_setup: Starting Openswan
IPsec U2.3.0/K2.4.1dr1...
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
/usr/local/libexec/ipsec/pluto: unrecognized option
`--virtual_private'
Sep 21 23:46:33 l2tpgw ipsec__plutorun: Usage: pluto
[--help] [--version] [--optionsfrom <filename>] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
[--nofork] [--stderrlog] [--noklips] [--nocrsend]
[--strictcrlpolicy] [--crlcheckinterval] [--ocspuri]
[--uniqueids] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
[--interface <ifname>] [--ikeport <port-number>] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
[--ctlbase <path>] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
[--perpeerlogbase <path>] [--perpeerlog] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
[--secretsfile <secrets-file>] [--ipsecdir
<ipsec-dir>] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun: [--adns
<pathname>][--nhelpers <number>] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
[--debug-none] [--debug-all] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
[--debug-raw] [--debug-crypt] [--debug-parsing]
[--debug-emitting] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
[--debug-control] [--debug-klips] [--debug-dns]
[--debug-dpd] [ --debug-private] [ --debug-pfkey] [
--debug-nat_t] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
[--nat_traversal] [--keep_alive <delay_sec>] \
Sep 21 23:46:33 l2tpgw ipsec__plutorun:
[--force_keepalive] [--disable_port_floating]
Sep 21 23:46:33 l2tpgw ipsec__plutorun: Openswan 2.3.0
Sep 21 23:46:34 l2tpgw ipsec__plutorun: pluto
unexpectedly said `exit'
Sep 21 23:46:34 l2tpgw ipsec__plutorun: pluto
unexpectedly said `1'
Sep 21 23:46:34 l2tpgw ipsec__plutorun: pluto died
unexpectedly!?!
Sep 21 23:46:34 l2tpgw ipsec__plutorun: internal
failure in pluto scripts, impossible to carry on
--- Paul Wouters <paul at xelerance.com> wrote:
> On Wed, 21 Sep 2005, Agent Smith wrote:
>
> > I've been messing with it to no avail, it doen't
> like
> > the virtual_private word in ipsec.conf for some
> reason
> > and I don't see any way around it.
>
> That is a simple error then. show us your
> virtual_private line.
>
> Paul
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the Users
mailing list