[Openswan Users] openswan startup and version interoperability

Brian Sheets brians at fl240.com
Sun Jul 23 19:09:34 CEST 2006 

 Debian linux, kernel vmlinuz-2.6.15-1-686, openswan version
1:2.4.5+dfsg-
 0.2
 
 Trying to connect to openswan 2.2.0
 
 Config on both sides
 
 version 2.0     # conforms to second version of ipsec.conf
specification
 
 config setup
         plutodebug=all
         interfaces=%defaultroute
 
 
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:
 !10.0.0.0/24
 
 conn net-to-net
     left=207.7.xx.xx
     leftsubnet=10.1.0.0/16
     leftid=@l3-gateway1.xx.net       #
     leftrsasigkey=<the really long key>
     leftnexthop=%defaultroute      # correct in many situations
     right=198.172.xx.xx
     rightsubnet=10.200.0.0/16
     rightid=@gateway1.xx.net
     rightrsasigkey=<the other really long key>
     rightnexthop=%defaultroute     # correct in many situations
     auto=add                       # authorizes but doesn't start this
                                    # connection at startup
 # Add connections here
 
 #Disable Opportunistic Encryption
 include /etc/ipsec.d/examples/no_oe.conf

 
 startup on the 2.6.15 kernal box gives me
 
 l3-gateway1:/etc/init.d# sh ./ipsec restart
 ipsec_setup: Stopping Openswan IPsec...
 ipsec_setup: Starting Openswan IPsec 2.4.5...
 ipsec_setup: insmod /lib/modules/2.6.15-1-686/kernel/net/key/af_key.ko
 ipsec_setup: insmod /lib/modules/2.6.15-1-
 686/kernel/net/ipv4/xfrm4_tunnel.ko
 ipsec_setup: insmod
/lib/modules/2.6.15-1-686/kernel/net/xfrm/xfrm_user.ko
 ipsec_setup: insmod /lib/modules/2.6.15-1-
 686/kernel/drivers/char/hw_random.ko
 ipsec_setup: FATAL: Error inserting hw_random (/lib/modules/2.6.15-1-
 686/kernel/drivers/char/hw_random.ko): No such device
 ipsec_setup: insmod /lib/modules/2.6.15-1-
 686/kernel/drivers/crypto/padlock.ko
 ipsec_setup: FATAL: Error inserting padlock (/lib/modules/2.6.15-1-
 686/kernel/drivers/crypto/padlock.ko): No such device
 
 In addition, ipsec auto --up net-to-net hangs from the command line,
but
 on the other, openswan 2.2 system, there is an attempt to make a
 connection in the logs
 
 So, my question, are the errors bad? What could be causing it to hang?
 
 Thanks
 
 Brian

More information about the Users mailing list