[Openswan Users] "We cannot identify ourselves with either end of this connection"

kartikeyan s octeon at gmail.com
Tue Nov 7 06:47:47 EST 2006

Message Body Inline

On 11/6/06, Paul Wouters <paul at xelerance.com> wrote:
> On Mon, 6 Nov 2006, kartikeyan s wrote:
> >     "We cannot identify ourselves with either end of this connection"
> > conn    samplev6
> >        type=tunnel
> >        connaddrfamily=ipv6
> >        left=3000:2000::1000
> >        leftsubnet=3100:2000::/64
> >        right=3000:2000::1001
> >        rightsubnet=3200:2000::/64
> >        auto=add
> >        esp=3des-md5-96
> >        authby=secret
> >        leftrsasigkey=%none
> the old scripts do not handle ipv6 properly. The new addcon code might
> work better. Try openswan-2.5.00. If they also do not fully support
> ipv6 yet (we currently are not testing it), then you might need to
> use ipsec whack directly to load and initiate ipv6 based connections.

I tried /usr/local/libexec/ipsec/whack --name samplev6 --initiate
I still get the same error.

Does openswan 2.4.6 ever tested with Linux Kernel 2.4.20-30.9 and IPv6 ?
I mean does the basic functionality work?
Or Am I doing something wrong

In my case eth0 case an IPv4 address
IPv6 address 3000:2000::1000                    scope global
IPv6 address fe80::2e0:9fff:fe28:dc30/64     scope link local

when I do service ipsec start
ipsec0 interface has only IPv4 address and IPv6 link local address.
Scope Global address is missing. why  ????
I tried to assign it forcibly without errors by the following commands.

ifconfig eth0 inet6 add 3000:2000::1000;
whack --name samplev6 --initiate

But still I get the same error
"We cannot identify ourselves with either end of this connection"

Any Ideas ??


> --
> Building and integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20061107/05f4875c/attachment.html 

More information about the Users mailing list