[Openswan Users] could not add conn "host-to-host" with openswan
Kevin Wilson
wkevils at gmail.com
Sun Apr 18 13:22:08 EDT 2010
Hello,
I am using openswan on ARM. I use Fedora 8, and I installed
an openrpm from Fedora ARM repositories.
(http://ftp.linux.org.uk/pub/linux/arm/fedora/pub/fedora/linux/releases/8/Everything/arm/os/Packages/).
I tried to create a simple host-to-host tunnel between this machine
and another x86 machine.
What I got, when staring the ipsec service on one machine, is the
following message
ipsec_setup: ...Openswan IPsec stopped
ipsec_setup: WARNING: cannot flush state/policy database -- `%defaultroute'.
Install a newer version of iproute/iproute2 or install the
ipsec-tools package to obtain the setkey command.
ipsec_setup: NETKEY on eth0 192.168.0.197/255.255.255.0 broadcast ...
ipsec_setup: ...Openswan IPsec started
ipsec__plutorun: whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
ipsec__plutorun: ...could not add conn "host-to-host"
ipsec__plutorun: whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
ipsec__plutorun: !pluto failure!: exited with error status 1
ipsec__plutorun: restarting IPsec after pause...
I don't have any idea what causes this error.
On the second machine the ipsec service starts OK.
Moreover, after running "/etc/init.d/ipsec start" I keep getting this messages
over and over again, and running /etc/init.d/ipsec stop" does not
prevent the ipsec service from trying continuosly to restart again and again.
The ipsec.conf I use is this:
The linux machine has an IP set for its default gateway (192.168.0.254)
config setup
interfaces=%defaultroute
klipsdebug="none"
plutodebug="none"
protostack=netkey
conn host-to-host
type=tunnel
authby=secret
left = 192.168.0.12
right= 192.168.0.197
auto=add
Any ideas/suggestion how to tackle this ?
Rgs,
Kevin
More information about the Users
mailing list