[Openswan Users] openswan installation problem

Paul Wouters paul at xelerance.com
Tue Dec 22 12:19:26 EST 2009


On Tue, 22 Dec 2009, yu chen wrote:

> if with same system and install openswan-2.4.12, see below for ipsec verify:
> 
> Checking your system to see if IPsec got installed and started correctly:
> Version check and ipsec on-path                                 [OK]
> Linux Openswan U2.4.12/K2.6.18-164.6.1.el5 (netkey)
> Checking for IPsec support in kernel                            [OK]
> NETKEY detected, testing for disabled ICMP send_redirects       [OK]
> NETKEY detected, testing for disabled ICMP accept_redirects     [OK]
> Checking for RSA private key (/etc/ipsec.secrets)               [OK]
> Checking that pluto is running                                  [OK]
> Two or more interfaces found, checking IP forwarding            [OK]
> Checking NAT and MASQUERADEing                                  [N/A]
> Checking for 'ip' command                                       [OK]
> Checking for 'iptables' command                                 [OK]
> Opportunistic Encryption Support                                [DISABLED]
> 
> why openswan-2.6.23 show up :
> Pluto listening for IKE on udp 500                              [FAILED]
> Pluto listening for NAT-T on udp 4500                           [FAILED]
> Two or more interfaces found, checking IP forwarding            [FAILED]

That's odd. Are you sure you were running openswan on both checks?
If openswan was not running it would explain things, also because
openswan might set the forwarding sysctl setting.

Paul


More information about the Users mailing list