[Openswan Users] Xen, Amazon EC2, and the art of OpenSWAN
Michael Nguyen
michaeln at twentyten.org
Wed Sep 13 10:50:19 EDT 2006
From: "Paul Wouters" <paul at xelerance.com>
> On Wed, 13 Sep 2006, Michael Nguyen wrote:
[snip]
> Yes i did. I dont see anything odd. Can you show me the output of ipsec
> barf?
Sep 13 10:34:15 domu-12-31-33-00-01-a3 ipsec__plutorun: Restarting Pluto
subsystem...
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: Starting Pluto
(Openswan Version 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR;
Vendor ID OEz}FFFfgr_e)
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: Setting NAT-Traversal
port-4500 floating to on
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: port floating
activation criteria nat_t=1/port_fload=1
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: including
NAT-Traversal patch (Version 0.6c)
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: | opening /dev/urandom
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: | inserting event
EVENT_REINIT_SECRET, timeout in 3600 seconds
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: | inserting event
EVENT_PENDING_PHASE2, timeout in 120 seconds
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: ike_alg_register_enc():
Activating OAKLEY_AES_CBC: Ok (ret=0)
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: starting up 1
cryptographic helpers
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26982]: | opening /dev/urandom
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: started helper
pid=26982 (fd:6)
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26982]: ! helper 0 waiting on
fd: 7
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: | process 26971
listening for PF_KEY_V2 on file descriptor 7
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: Using Linux 2.6 IPsec
interface code on 2.6.16-xenU
Sep 13 10:34:15 domu-12-31-33-00-01-a3 pluto[26971]: FATAL ERROR: Failed to
bind bcast socket in init_netlink(). Errno 2: No such file or directory
I even turned on debugging! I don't think it helps in this case... If
there's anything else I could give, I would love to do so.
Michael
More information about the Users
mailing list