[Openswan Users] ipsec can not start

顏宏愷 yhkai at cht.com.tw
Fri Aug 28 05:27:22 EDT 2009 

Hi, ALL,
I downloaded openswan 2.66.22 source , then make and install in the kernel 2.66.22.5.
I use ‘netkey’, so I executed ‘Make programs; make install “
It seems that everything is fine when make and install,
I did not change the content of ipsec.conf after install l
Then I executed “ipsec setup –start” command
But ,  I check the status it shows ipsec  stopped
I am sure the ipsec does not start correctly . but why?
Below is the list of the commands and console show
Please help to solve the problem.

Thanks any helps in advance

Yhkyhk2
-------------------------------------------------
[root @test] ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                        [OK]
Linux Openswan U2.6.22/K2.6.22.5 (netkey)
Checking for IPsec support in kernel                           [OK]
NETKEY detected, testing for disabled ICMP send_redirects      [FAILED]

  Please disable /proc/sys/net/ipv4/conf/*/send_redirects
  or NETKEY will cause the sending of bogus ICMP redirects!

NETKEY detected, testing for disabled ICMP accept_redirects     [FAILED]

  Please disable /proc/sys/net/ipv4/conf/*/accept_redirects
  or NETKEY will accept bogus ICMP redirects!

Checking for RSA private key (/etc/ipsec.secrets)                   [OK]
Checking that pluto is running                                 [OK]
Two or more interfaces found, checking IP forwarding             [FAILED]
Checking for 'ip' command                                             [OK]
Checking for 'iptables' command                                       [OK]
Opportunistic Encryption Support                              [DISABLED]

 [root @test] Ipsec setup –start
NET: Registered protocol family 15
Ipsec_setup: Starting OpenSwan IPsec U2.6.22/K2.6.22.5
Initializing XFRM netlink socket
Padlock: VIA PadLock not detected
Padlock: VIA PadLock not detected
[root @test] ipsec setup –status
IPsec stopped
but...
has /var/run/pluto/ipsec.info file!
An normal Pluto is active?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090828/a1bc3c75/attachment.html

More information about the Users mailing list