[Openswan Users] could not add conn "host-to-host" with openswan

Kevin Wilson wkevils at gmail.com
Sun Apr 18 13:22:08 EDT 2010

 I am using openswan on ARM. I use Fedora 8, and I installed
an openrpm from Fedora ARM repositories.

I tried to create a simple host-to-host tunnel between this machine
and another x86 machine.
What I got, when staring the ipsec service on one machine, is the
following message

ipsec_setup: ...Openswan IPsec stopped
ipsec_setup: WARNING: cannot flush state/policy database -- `%defaultroute'.
  Install a newer version of iproute/iproute2 or install the
ipsec-tools package to obtain the setkey command.
ipsec_setup: NETKEY on eth0 broadcast ...
ipsec_setup: ...Openswan IPsec started
ipsec__plutorun: whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
ipsec__plutorun: ...could not add conn "host-to-host"
ipsec__plutorun: whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
ipsec__plutorun: !pluto failure!:  exited with error status 1
ipsec__plutorun: restarting IPsec after pause...

I don't have any idea what causes this error.
On the second machine the ipsec service starts OK.

Moreover, after running "/etc/init.d/ipsec start" I keep getting this messages
over and over again, and running /etc/init.d/ipsec stop" does not
prevent the ipsec service from trying continuosly to restart again and again.

The ipsec.conf I use is this:

The linux machine has an IP set for its default gateway (

config setup

conn host-to-host
    left =

Any ideas/suggestion how to tackle this ?

More information about the Users mailing list