[Openswan Users] Problem with setup of connection
jobst at barrett.com.au
Fri Dec 18 16:57:51 EST 2009
Have been using openswan for years, nver had trouble (other than setup problems).
I used to have to Fedora (7 and 4) boxen talking to each other, no problems.
However I have moved away from Fedora cause the update frequency is too high and I am never able to keep up, so I move one of the boxes to Centos (5.4).
I have neve had so much trouble to get something to get going.
Both are actually talking to each other but the (so no firewall problems etc) but the setup always stop at the key exchange.
I have found this one "http://fedoraproject.org/wiki/QA:Testcase_Openswan_with_nss" but I can even get that to work.
Amongst the problems I have had:
* connect(pluto_ctl) failed: No such file or directory
* rsakey malformed [input ends in mid-byte
* Modulus keyword not found where expected in RSA key
* sending encrypted notification INVALID_ID_INFORMATION
* unable to locate my private key for RSA Signature
and in the moment I have
Dec 19 08:33:37 piquet pluto: "VPN_HOME_CONSULT" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Dec 19 08:33:37 piquet pluto: "VPN_HOME_CONSULT" #1: I am sending my cert
Dec 19 08:33:37 piquet pluto: "VPN_HOME_CONSULT" #1: I am sending a certificate request
Dec 19 08:33:37 piquet pluto: "VPN_HOME_CONSULT" #1: unable to locate my private key for RSA Signature
Dec 19 08:33:37 piquet pluto: "VPN_HOME_CONSULT" #1: sending notification AUTHENTICATION_FAILED to 220.127.116.11:500
ipsec.conf (main server site)
On the other one I have swaped the left and right setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
# plutodebug="control parsing"
# For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
# Enable this if you see "failed to find any available worker"
If a pig loses its voice, is it disgruntled?
| |0| | Jobst Schmalenbach, jobst at barrett.com.au, General Manager
| | |0| Barrett Consulting Group P/L & The Meditation Room P/L
|0|0|0| +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia
More information about the Users