[Openswan Users] Pluto Dies During Boot

Graeme Peart graemepeart at sbcglobal.net
Sat Feb 20 18:36:23 EST 2010 

IPSEC works fine if I start it manually but seems to get confused when
starting from boot.  Checking the status after boot gives me these results.
I'm running Ubuntu 9.10.

I can't find a cause but it seems suspicious that I find leftover files in
/var/run/pluto/.  Any idea if this is a bug or a configuration error?

Graeme

 

____________

sudo /etc/init.d/ipsec status

[sudo] password for jdoe: 

IPsec stopped

but...

has /var/run/pluto/ipsec.info file!

An dead Pluto is active?

 

syslog

----------

Feb 20 16:53:45 Montclair ipsec_setup: Starting Openswan IPsec
U2.6.24/K2.6.31-19-generic...

Feb 20 16:53:45 Montclair ipsec_setup: Using NETKEY(XFRM) stack

Feb 20 16:53:45 Montclair ipsec_setup: ...Openswan IPsec started

Feb 20 16:53:45 Montclair pluto: adjusting ipsec.d to /etc/ipsec.d

Feb 20 16:53:45 Montclair ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d

Feb 20 16:53:46 Montclair ipsec_setup: Openswan IPsec apparently already
active, start aborted

 

Auth.log

------------

Feb 20 16:53:45 Montclair ipsec__plutorun: Starting Pluto subsystem...

Feb 20 16:53:45 Montclair pluto[1471]: Starting Pluto (Openswan Version
2.6.24; Vendor ID OEU}`hAnwstx) pid:1471

Feb 20 16:53:45 Montclair pluto[1471]: Setting NAT-Traversal port-4500
floating to on

Feb 20 16:53:45 Montclair pluto[1471]:    port floating activation criteria
nat_t=1/port_float=1

Feb 20 16:53:45 Montclair pluto[1471]:    NAT-Traversal support  [enabled]

Feb 20 16:53:45 Montclair pluto[1471]: using /dev/urandom as source of
random entropy

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
OAKLEY_TWOFISH_CBC: Ok (ret=0)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
OAKLEY_SERPENT_CBC: Ok (ret=0)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
OAKLEY_AES_CBC: Ok (ret=0)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
OAKLEY_BLOWFISH_CBC: Ok (ret=0)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_512: Ok (ret=0)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_256: Ok (ret=0)

Feb 20 16:53:45 Montclair pluto[1471]: starting up 1 cryptographic helpers

Feb 20 16:53:45 Montclair pluto[1504]: using /dev/urandom as source of
random entropy

Feb 20 16:53:45 Montclair pluto[1471]: started helper pid=1504 (fd:7)

Feb 20 16:53:45 Montclair pluto[1471]: Using Linux 2.6 IPsec interface code
on 2.6.31-19-generic (experimental code)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): WARNING: enc
alg=0 not found in constants.c:oakley_enc_names  

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
<NULL>: Ok (ret=0)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): WARNING: enc
alg=0 not found in constants.c:oakley_enc_names  

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_add(): ERROR: Algorithm
already exists

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
<NULL>: FAILED (ret=-17)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): WARNING: enc
alg=0 not found in constants.c:oakley_enc_names  

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_add(): ERROR: Algorithm
already exists

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
<NULL>: FAILED (ret=-17)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): WARNING: enc
alg=0 not found in constants.c:oakley_enc_names  

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_add(): ERROR: Algorithm
already exists

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
<NULL>: FAILED (ret=-17)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): WARNING: enc
alg=0 not found in constants.c:oakley_enc_names  

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_add(): ERROR: Algorithm
already exists

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
<NULL>: FAILED (ret=-17)

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): WARNING: enc
alg=0 not found in constants.c:oakley_enc_names  

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_add(): ERROR: Algorithm
already exists

Feb 20 16:53:45 Montclair pluto[1471]: ike_alg_register_enc(): Activating
<NULL>: FAILED (ret=-17)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20100220/a1d4bc9d/attachment-0001.html

More information about the Users mailing list