[Openswan Users] Openswan: ip xfrm policy shows different data than /etc/ipsec.conf
ianbrn at gmail.com
Sun Feb 3 07:28:25 EST 2008
I tried it, unforrunately without success.
I had set tun to 172.16.0.1 on one machine.
I had set tun to 172.17.0.1 on the second machine.
I get on one machine:
Feb 3 14:21:24 machine1 ipsec_setup: ...Openswan IPsec started
Feb 3 14:21:24 machine1 ipsec__plutorun: 104 "linux-to-linux-1" #1:
Feb 3 14:21:24 machine1 ipsec__plutorun: ...could not start conn
and on the second
Feb 3 14:19:44 machine2 ipsec__plutorun: 104 "linux-to-linux-1" #1:
Feb 3 14:19:44 machine2 ipsec__plutorun: ...could not start conn
The ipsec.conf I have on both machines is:
And "service ipsec status" shows:
IPsec running - pluto pid: #pid
No tunnels up
- on both machine
ifconfig tun shows that the tun interfcae is up on both machines.
Any ideas what went wrong here ?
2008/1/31 Witold Golab <w.golab at gtn.pl>:
> Dnia czwartek 31 stycznia 2008, w temacie "Re: [Openswan Users] Openswan: ip
> xfrm policy shows different data than /etc/ipsec.conf" napisał(e|a)ś:
> > Witold ,
> > Yes, as a rule you are right.
> > Host to host connection is in transport mode.
> > Any ideas if I can simulate tunnel mode on a local network somehow ?
> > (So that two machines will connect in tunnel mode with IPsec)
> Try add tuntap or gre or whatsever (virtual) interfaces on both sides
> on one side:
> tun0 172.16.0.1/24
> on second side:
> tun0 172.17.0.1/24
> Witold Golab
More information about the Users