[Openswan Users] "We cannot identify ourselves with either end of this connection"
octeon at gmail.com
Tue Nov 7 06:47:47 EST 2006
Message Body Inline
On 11/6/06, Paul Wouters <paul at xelerance.com> wrote:
> On Mon, 6 Nov 2006, kartikeyan s wrote:
> > "We cannot identify ourselves with either end of this connection"
> > conn samplev6
> > type=tunnel
> > connaddrfamily=ipv6
> > left=3000:2000::1000
> > leftsubnet=3100:2000::/64
> > right=3000:2000::1001
> > rightsubnet=3200:2000::/64
> > auto=add
> > esp=3des-md5-96
> > authby=secret
> > leftrsasigkey=%none
> the old scripts do not handle ipv6 properly. The new addcon code might
> work better. Try openswan-2.5.00. If they also do not fully support
> ipv6 yet (we currently are not testing it), then you might need to
> use ipsec whack directly to load and initiate ipv6 based connections.
I tried /usr/local/libexec/ipsec/whack --name samplev6 --initiate
I still get the same error.
Does openswan 2.4.6 ever tested with Linux Kernel 2.4.20-30.9 and IPv6 ?
I mean does the basic functionality work?
Or Am I doing something wrong
In my case eth0 case an IPv4 address 192.168.190.51
IPv6 address 3000:2000::1000 scope global
IPv6 address fe80::2e0:9fff:fe28:dc30/64 scope link local
when I do service ipsec start
ipsec0 interface has only IPv4 address and IPv6 link local address.
Scope Global address is missing. why ????
I tried to assign it forcibly without errors by the following commands.
ifconfig eth0 inet6 add 3000:2000::1000;
whack --name samplev6 --initiate
But still I get the same error
"We cannot identify ourselves with either end of this connection"
Any Ideas ??
> Building and integrating Virtual Private Networks with Openswan:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users