[Openswan Users] Strange message in syslog but openswan is working!!!
Linux User
rluglinux at gmail.com
Wed Jun 13 11:13:35 EDT 2007
Hello swan experts,
I've setup openswan to tunel between 2 networks. My config comes below. The
problem is that tunel is working, i have connectivity between networks but,
when i start ipsec, a strange message appear in my syslog:
Jun 13 17:52:59 nx ipsec__plutorun: 104 "z2" #1: STATE_MAIN_I1: initiate
Jun 13 17:52:59 nx ipsec__plutorun: ...could not start conn "z2"
And tunel comes up!!!! And yes, on the oposite side, ipsec is already
running!!!!
What kind of bug could be? If not a bug, what i missed from my config?
[root at nx ~]# cat /etc/issue
CentOS release 4.5 (Final)
Kernel \r on an \m
[root at nx ~]#
[root at nx ~]# uname -r
2.6.9-55.EL
[root at nx ~]#
[root at nx ~]# rpm -q openswan
openswan-2.4.8-1
[root at nx ~]#
[root at nx ~]# service ipsec start
[root at nx ~]# tail -f /var/log/messages
Jun 13 17:52:59 nx ipsec_setup: ...Openswan IPsec started
Jun 13 17:52:59 nx ipsec_setup: Starting Openswan IPsec U2.4.8/K2.6.9-
55.EL...
Jun 13 17:52:59 nx ipsec__plutorun: 104 "z2" #1: STATE_MAIN_I1: initiate
Jun 13 17:52:59 nx ipsec__plutorun: ...could not start conn "z2"
[root at nx ~]# cat /etc/ipsec.conf
version 2.0
conn z2
authby=secret
left=1.2.3.4
leftsubnet=192.168.13.0/24
leftnexthop=1.2.3.111
right=5.6.7.8
rightsubnet=10.0.0.0/24
rightnexthop=5.6.7.222
keyexchange=ike
auth=esp
esp=3des-md5-96
keylife=8h
pfs=no
auto=start
include /etc/ipsec.d/examples/no_oe.conf
[root at nx ~]#
I performed some tests between different openswan (from 2.4.5 up to 2.4.8)
versions or kernel 2.6.x versions and problem persist, so it seems to be a
parameter missing in my ipsec.conf ...
Any hints,
Alx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070613/901f1d30/attachment-0001.html
More information about the Users
mailing list