[Openswan Users] CentOS 5.3 and klips
Paul Wouters
paul at xelerance.com
Fri Sep 11 16:59:15 EDT 2009
On Fri, 11 Sep 2009, Maverick wrote:
> I'm now trying with Fedora 11 x86, which has a newer kernel compared to
> centos,
> and I also moved to openswan-2.6.23, but still no luck :(
>From my Fedora 11 machine:
Sep 11 16:54:32 bofh pluto[9122]: Starting Pluto (Openswan Version 2.6.23; Vendor ID OEm at kgSFEH@\177) pid:9122
Sep 11 16:54:32 bofh pluto[9122]: Setting NAT-Traversal port-4500 floating to on
Sep 11 16:54:32 bofh pluto[9122]: port floating activation criteria nat_t=1/port_float=1
Sep 11 16:54:32 bofh pluto[9122]: including NAT-Traversal patch (Version 0.6c)
Sep 11 16:54:32 bofh pluto[9122]: using /dev/urandom as source of random entropy
Sep 11 16:54:32 bofh pluto[9122]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)
Sep 11 16:54:32 bofh pluto[9122]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
Sep 11 16:54:32 bofh pluto[9122]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
Sep 11 16:54:32 bofh pluto[9122]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Sep 11 16:54:32 bofh pluto[9122]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Sep 11 16:54:32 bofh pluto[9122]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
Sep 11 16:54:32 bofh pluto[9122]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
Sep 11 16:54:32 bofh pluto[9122]: no helpers will be started, all cryptographic operations will be done inline
Sep 11 16:54:32 bofh pluto[9122]: Using KLIPS IPsec interface code on 2.6.30.5-43.fc11.x86_64
It seems fine for me?
> This is what I get when I start the service:
>
> /etc/init.d/ipsec start
> /usr/libexec/ipsec/addconn Non-fips mode set in
> /proc/sys/crypto/fips_enabled
> ipsec_setup: Starting Openswan IPsec 2.6.23...
> ipsec_setup: /usr/libexec/ipsec/tncfg: exactly one of
> ipsec_setup: '--attach', '--detach', '--create', '--delete' or '--clear'
> ipsec_setup: options must be specified.
> ipsec_setup: SIOCSIFFLAGS: No such device
> ipsec_setup: /usr/libexec/ipsec/addconn Non-fips mode set in
That is not a locally compiled openswan. Are you sure you don't have
openswan installed via rpm as well as in /usr/local from a manual compile?
Paul
More information about the Users
mailing list