[Openswan Users] KIPS broken, NETKEY works (Was: Changed certificates and it stopped working)
Turbo Fredriksson
turbo at bayour.com
Sat Nov 4 05:39:39 EST 2006
Quoting Jacco de Leeuw <jacco2 at dds.nl>:
> Turbo Fredriksson wrote:
>
>> Looking at this again, I see that the 'ipsec.ko' module
>> is NOT loaded!
>> Any ideas?
>
> I suppose your KLIPS setup is borken (is that Swedish? :-)
> and if you use NETKEY it works.
Any idea WHY it's broken? What's the difference between KLIPS
and NETKEY, and why exactly (short if you may :) should I use
the one before the other?
Quoting Paul Wouters <paul at xelerance.com>:
> On Fri, 3 Nov 2006, Turbo Fredriksson wrote:
>
>> If it IS loaded, it won't work... So if pluto is restarted,
>> it loads the module and IPSec stops working...
>>
>> I also noticed that my Internet connection didn't
>> work any more (i.e., I couldn't "surf the web").
>> Doing a trace to any IP on the Internet stops
>> at workfw VLAN IP (ppp0:192.168.100.254).
>
> include /etc/ipsec.d/examples/no_oe.conf
It IS included... Or do you mean that's the problem?
No, without it it doesn't work at all. The link comes
up, but I can't ping the other end of the VPN link.
----- s n i p -----
Nov 4 11:42:16 workfw pluto[2750]: ignoring duplicate netlink acquire event for <WORKFW_IP> to 128.8.10.90
Nov 4 11:42:17 workfw pluto[2750]: Can not opportunistically initiate for 192.168.1.2 to 192.12.94.30: KEY record for hostname as %myid (no good TXT): failure querying DNS for KEY of workfw.: Host name lookup failure
----- s n i p -----
More information about the Users
mailing list