[Openswan Users] OpenSwan in UML
Jax
cybercorecentre at gmail.com
Tue Oct 24 22:36:32 EDT 2006
Hi all!
I am trying to set up a simple L2TP/IPsec server in User Mode Linux. I
am following the Openswan book but don't have much time to set this up. It
would be a PSK-based solution, which looks really simple, but I still
can't get far in a week :(
I am just wondering whether someone from here has actually made a UML image
with this implementation? On the UML mailing list it is not likely anyone did it
before, although I found a http://www.strongswan.org/uml/install.htm
document, but I don't want to waste time on Gentoo, and I am unfamiliar with
strongSwan. Now I have installed the environment in a Debian UML machine.
Kernel: 2.6.18.1-bb2 and the whole system is up to date (there wasn't any
problem with the install); however, there is some serious problem with
pluto and it generates 100% CPU usage:
# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.4.6/K2.6.18.1-bb2 (netkey)
Checking for IPsec support in kernel [OK]
NETKEY detected, testing for disabled ICMP send_redirects [OK]
NETKEY detected, testing for disabled ICMP accept_redirects [OK]
Checking for RSA private key (/etc/ipsec.secrets) [DISABLED]
ipsec showhostkey: no default key in "/etc/ipsec.secrets"
Checking that pluto is running [FAILED]
whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
Two or more interfaces found, checking IP forwarding [FAILED]
whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
And in the syslog:
ipsec__plutorun: ...could not start conn "west-east"
ipsec__plutorun: !pluto failure!: exited with error status 1
ipsec__plutorun: restarting IPsec after pause...
ipsec__plutorun: whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
It won't help if I comment out my own connection:
ipsec__plutorun: ...could not add conn "l2tp-psk-orgWIN2KXP"
ipsec__plutorun: whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
And in ipsec.conf plutodebug="all", so this is the max output; if I try
to start pluto manually then nothing happens.
Btw my first setup was worse. I made it in FC4 and everything worked until
I restarted the machine; after that I got strange messages when ipsec
started:
"Resource temporarily unavailable" or something like this, and I couldn't even
ping the remote host.
And I couldn't find an answer for a day so I deleted that whole system :(
Please help.
Best Regards,
Jax