[Openswan Users] KIPS broken, NETKEY works (Was: Changed certificates and it stopped working)

Turbo Fredriksson turbo at bayour.com
Sat Nov 4 05:39:39 EST 2006

Quoting Jacco de Leeuw <jacco2 at dds.nl>:

> Turbo Fredriksson wrote:
>> Looking at this again, I see that the 'ipsec.ko' module
>> is NOT loaded!
>> Any ideas?
> I suppose your KLIPS setup is borken (is that Swedish? :-)
> and if you use NETKEY it works.

Any idea WHY it's broken? What's the difference between KLIPS
and NETKEY, and why exactly (short if you may :) should I use
the one before the other?

Quoting Paul Wouters <paul at xelerance.com>:

> On Fri, 3 Nov 2006, Turbo Fredriksson wrote:
>> If it IS loaded, it won't work... So if pluto is restarted,
>> it loads the module and IPSec stops working...
>> I also noticed that my Internet connection didn't
>> work any more (i.e., I couldn't "surf the web").
>> Doing a trace to any IP on the Internet stops
>> at workfw VLAN IP (ppp0:
> include /etc/ipsec.d/examples/no_oe.conf

It IS included... Or do you mean that's the problem?
No, without it it doesn't work at all. The link comes
up, but I can't ping the other end of the VPN link.

----- s n i p -----
Nov  4 11:42:16 workfw pluto[2750]: ignoring duplicate netlink acquire event for <WORKFW_IP> to
Nov  4 11:42:17 workfw pluto[2750]: Can not opportunistically initiate for to KEY record for hostname as %myid (no good TXT): failure querying DNS for KEY of workfw.: Host name lookup failure
----- s n i p -----

More information about the Users mailing list