[Openswan Users] Installing OpenSwan for the first time

Chris Thomas cthomas at harkinsbuilders.com
Wed Mar 12 13:06:53 EDT 2008

I am attempting to install OpenSwan on a Ubuntu 7.10 server.  I ran
apt-get install openswan and received the following after running ipsec


root at gatekeeper:/home/administrator# ipsec verify

Checking your system to see if IPsec got installed and started

Version check and ipsec on-path                                 [OK]

Linux Openswan U2.4.6/K2.6.22-14-server (netkey)

Checking for IPsec support in kernel                            [OK]

NETKEY detected, testing for disabled ICMP send_redirects       [FAILED]


  Please disable /proc/sys/net/ipv4/conf/*/send_redirects

  or NETKEY will cause the sending of bogus ICMP redirects!


NETKEY detected, testing for disabled ICMP accept_redirects     [FAILED]


  Please disable /proc/sys/net/ipv4/conf/*/accept_redirects

  or NETKEY will accept bogus ICMP redirects!


Checking for RSA private key (/etc/ipsec.secrets)

  ipsec showhostkey: no default key in "/etc/ipsec.secrets"

Checking that pluto is running                                  [OK]

Two or more interfaces found, checking IP forwarding            [FAILED]

Checking for 'ip' command                                       [OK]

Checking for 'iptables' command                                 [OK]

Opportunistic Encryption Support

root at gatekeeper:/home/administrator#  


I'm not exactly sure how to disable
"/proc/sys/net/ipv4/conf/*/send_redirects" and I'm not sure if
everything else there is OK or not.  It does not match watch the wiki
tells me I should have, so I want to address this before I proceed.


Thanks in advance,




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080312/40e89ef1/attachment.html 

More information about the Users mailing list