[Openswan Users] problems with: could not start conn "tunnel"

Paul Wouters paul at xelerance.com
Wed Mar 29 02:40:39 CEST 2006


On Tue, 28 Mar 2006, Vida Luz Arista wrote:

> In /var/log/secure I have the following message:
>
> Mar 28 16:22:28 ns pluto[5175]: Could not change to directory
> '/etc/ipsec.d/ocspcerts'
> Mar 28 16:22:28 ns pluto[5175]: Could not change to directory
> '/etc/ipsec.d/crls'
> Mar 28 16:22:28 ns pluto[5175]: added connection description "tunnelipsec"
> Mar 28 16:22:28 ns pluto[5175]: listening for IKE messages
> Mar 28 16:22:28 ns pluto[5175]: adding interface eth1/eth1 172.16.1.1:500
> Mar 28 16:22:28 ns pluto[5175]: adding interface eth0/eth0 165.98.224.82:500
> Mar 28 16:22:28 ns pluto[5175]: adding interface lo/lo 127.0.0.1:500
> Mar 28 16:22:28 ns pluto[5175]: adding interface lo/lo ::1:500
> Mar 28 16:22:28 ns pluto[5175]: loading secrets from "/etc/ipsec.secrets"
> Mar 28 16:22:29 ns pluto[5175]: "tunnelipsec" #1: initiating Main Mode

You should have more after this. Either an error, or a re-transmit.

If you see a retransmit, it looks like a firewall rule somewhere blocking
port udp 500.

Paul

