[Openswan Users] Some problem in ipsec verify command
andy at andynet.net
Thu Aug 10 06:15:41 EDT 2006
On Thu, 2006-08-10 at 21:14 +0800, Shinping Chen wrote:
> Hi all,
> First at all,
> I come from Non-english country and my english is bad ,
> I try to explain my question in english on my best
It's fine :)
> I try to install Openswan 2.4.4 on Debian linux Kernel 2.6.13
> I follow openswan document to complie openswan source
Debian have an Openswan package available. But it should be no problem
to compile it yourself instead.
But if you compile it yourself, it would make sense to use the latest
version. 2.4.4 is quite old now. 2.4.6 is the latest.
> # make programs
> #make install
> it's OK!
> and start ipsec
> # /etc/init.d/ipsec start
> ipsec_setup: Starting Openswan IPsec U2.4.4/K2.6.13...
But it's not really OK :)
Your verify is saying pluto is not running. So it probably started and
In Debian, you should check /var/log/auth.log to find out why.
> Here is my problem
> When I try to verify ipsec status
> I got these messages
> # ipsec verify
> Checking your system to see if IPsec got installed and started
> Version check and ipsec on-path [OK]
> Linux Openswan U2.4.4/K2.6.13(netkey)
> Checking for IPsec support in kernel [OK]
> Checking for RSA private key (/etc/ipsec.secrets) [OK]
> >Checking that pluto is running
> >whack: is Pluto running? connect() for "/var/run/pluto/pluto.ctl"
> failed (146 Connection refused)
> Checking for 'ip' command
> Checking for 'iptables' command [OK]
> Checking for 'setkey' command for NETKEY IPsec stack support
> Opportunistic Encryption Support
> In /var/run/pluto/ directory have "pluto.ctl",
> but I stop ipsec,this file(pluto.ctl) still in there and got these
> ipsec_setup: Stopping Openswan IPsec...
> ipsec_setup: Removing orphaned /var/run/pluto/pluto.pid:
> I search on Google in many days but can't find best solution to solve
> this problem
> If this question have been discussed in many times,I apologize
> Thanks for ur help!
> -Shinping Chen
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> Users at openswan.org
> Building and Integrating Virtual Private Networks with Openswan:
More information about the Users