[Openswan Users] Can't start pluto ( on 2.6.25 kernel )

OCG Technical Support support at ocg.ca
Sun Sep 14 14:33:56 EDT 2008


I think the problem is SeLinux related.  Does anyone have a local policy
written for ipsec / Pluto ??

Thanks

-----Original Message-----
From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
Behalf Of OCG Technical Support
Sent: September 13, 2008 11:45 PM
To: users at openswan.org
Subject: [Openswan Users] Can't start pluto ( on 2.6.25 kernel )

I just installed OpenSwan RPM onto Fedora 9 (2.6.25 kernel).  I'm new to
OpenSwan but I've RTFM as far as install and start are concerned, and I
can't get ipsec's Pluto to start.  I get the error below in my
/var/log/secure file.

What permission is the problem?  (I put the barf file on
www.ocg.ca/ipsecbarf.txt )

Can someone offer some ideas on the problem & solution.  If it's a RTFM
please point me to a section since I can't see it...Thanks,
Michelle

Sep 13 22:52:20 firewall ipsec__plutorun: Starting Pluto subsystem...
Sep 13 22:52:20 firewall pluto[6383]: Starting Pluto (Openswan Version
2.6.09; Vendor ID OEZD~MT}mAnl) pid:6383
Sep 13 22:52:20 firewall pluto[6383]: Setting NAT-Traversal port-4500
floating to on
Sep 13 22:52:20 firewall pluto[6383]:    port floating activation criteria
nat_t=1/port_float=1
Sep 13 22:52:20 firewall pluto[6383]:    including NAT-Traversal patch
(Version 0.6c)
Sep 13 22:52:20 firewall pluto[6383]: using /dev/urandom as source of random
entropy
Sep 13 22:52:20 firewall pluto[6383]: ike_alg_register_enc(): Activating
OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)
Sep 13 22:52:20 firewall pluto[6383]: ike_alg_register_enc(): Activating
OAKLEY_TWOFISH_CBC: Ok (ret=0)
Sep 13 22:52:20 firewall pluto[6383]: ike_alg_register_enc(): Activating
OAKLEY_SERPENT_CBC: Ok (ret=0)
Sep 13 22:52:20 firewall pluto[6383]: ike_alg_register_enc(): Activating
OAKLEY_AES_CBC: Ok (ret=0)
Sep 13 22:52:20 firewall pluto[6383]: ike_alg_register_enc(): Activating
OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Sep 13 22:52:20 firewall pluto[6383]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_512: Ok (ret=0)
Sep 13 22:52:20 firewall pluto[6383]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_256: Ok (ret=0)
Sep 13 22:52:20 firewall pluto[6383]: starting up 1 cryptographic helpers
Sep 13 22:52:20 firewall pluto[6385]: using /dev/urandom as source of random
entropy
Sep 13 22:52:20 firewall pluto[6383]: started helper pid=6385 (fd:7)
Sep 13 22:52:20 firewall pluto[6383]: Using Linux 2.6 IPsec interface code
on 2.6.25.14108b.fc9-firewall (experimental code)
Sep 13 22:52:20 firewall pluto[6383]: FATAL ERROR: socket() in
init_netlink(). Errno 13: Permission denied



_______________________________________________
Users at openswan.org
http://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155



More information about the Users mailing list