[Openswan Users] Installing OpenSwan for the first time

[Chris Thomas]

I am attempting to install OpenSwan on a Ubuntu 7.10 server.  I ran
apt-get install openswan and received the following after running ipsec
verify:

 

root at gatekeeper:/home/administrator# ipsec verify

Checking your system to see if IPsec got installed and started
correctly:

Version check and ipsec on-path                                 [OK]

Linux Openswan U2.4.6/K2.6.22-14-server (netkey)

Checking for IPsec support in kernel                            [OK]

NETKEY detected, testing for disabled ICMP send_redirects       [FAILED]

 

  Please disable /proc/sys/net/ipv4/conf/*/send_redirects

  or NETKEY will cause the sending of bogus ICMP redirects!

 

NETKEY detected, testing for disabled ICMP accept_redirects     [FAILED]

 

  Please disable /proc/sys/net/ipv4/conf/*/accept_redirects

  or NETKEY will accept bogus ICMP redirects!

 

Checking for RSA private key (/etc/ipsec.secrets)
[DISABLED]

  ipsec showhostkey: no default key in "/etc/ipsec.secrets"

Checking that pluto is running                                  [OK]

Two or more interfaces found, checking IP forwarding            [FAILED]

Checking for 'ip' command                                       [OK]

Checking for 'iptables' command                                 [OK]

Opportunistic Encryption Support
[DISABLED]

root at gatekeeper:/home/administrator#  

 

I'm not exactly sure how to disable
"/proc/sys/net/ipv4/conf/*/send_redirects" and I'm not sure if
everything else there is OK or not.  It does not match watch the wiki
tells me I should have, so I want to address this before I proceed.

 

Thanks in advance,

-Chris

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080312/40e89ef1/attachment.html