[Openswan Users] Tunnel fails to start, but nothing logged....
Andy Gay
andy at andynet.net
Thu Aug 3 05:18:56 EDT 2006
On Thu, 2006-08-03 at 09:53 +0100, Matthew Claridge wrote:
> Hi,
>
> I'm setting up a vpn tunnel to one of our customers' Cisco Pix
> firewalls, from a Fedora Core5 system, using OpenSwan-2.4.4-1.1.2.1
>
> The tunnel is failing to start, but nothing useful is logged:
Where are you looking for the logs? They should be in /var/log/secure on
FC systems.
BTW - you really don't want to set klips/plutodebug=all. You'll get so
much in your logs that you'll probably never find the important stuff.
Comment out or remove those debug lines please.
>
> Jul 24 00:12:44 vpn1 ipsec_setup: KLIPS ipsec0 on eth0
> 62.189.139.60/255.255.255.0 broadcast 62.189.139.255
> Jul 24 00:12:44 vpn1 ipsec_setup: ...Openswan IPsec started
> Jul 24 00:12:47 vpn1 ipsec__plutorun: 104 "amextunnel" #1:
> STATE_MAIN_I1: initiate
> Jul 24 00:12:47 vpn1 ipsec__plutorun: ...could not start conn
> "amextunnel"
>
> This is my ipsec.conf:
>
> config setup
> interfaces=%defaultroute
> klipsdebug=all
> plutodebug=all
> nat_traversal=yes
>
> conn amextunnel
> type= tunnel
> left= 62.189.139.60
> leftnexthop= 62.189.139.5
> leftsubnet= 192.168.5.0/24
> right= 89.234.17.132
> rightnexthop=
> rightsubnet= 192.168.201.0/24
> esp= 3des-sha1-96
> keyexchange= ike
> pfs= no
> auto= start
>
>
> The log entries and results are identical whether I use OE or not.
>
> Anyone have any ideas what might be going on, where to start looking or
> how to get more information out of it?
>
> Thanks in advance,
> Matt
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
More information about the Users
mailing list