[Openswan Users] DIsable NETKEY
Paul Wouters
paul at xelerance.com
Tue Mar 25 11:49:00 EDT 2008
On Tue, 25 Mar 2008, Hammad wrote:
> How do i disable Netkey?
> because of Netkey; its not binding to an interface out of multiple.
>
> [root at flexigw ~]# service ipsec restart
> ipsec_setup: Stopping Openswan IPsec...
> ipsec_setup: Starting Openswan IPsec U2.5.17/K2.6.24.2-xenU...
With openswan 2.5.x, you can add to config setup:
protostack=klips
> *ipsec_setup: WARNING: interfaces= is ignored when using the NETKEY stack*
That's fine.
> *.. and even when IPSec and ISAKMP are established; while trying with #
> ipsec auto --up connection
>
> # service ipsec status
> give only;
> IPsec running - pluto pid: 29493
> pluto pid 29493
> *No tunnels up*
Try:
ip xfrm policy
ip xfrm state
ipsec auto --status
before concluding things are not up.
> I think its in fact not bound to ANY Interface; thats why it behaving like
> that.
NETKEY does not need that.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list