[Openswan Users] openswan doesn't pass initiate mode

Jorge Jimenez jorge.jimenez at pross.com
Thu Jan 14 10:52:03 EST 2010


Hi,

I've installed openswan and it doesn't pass initiate mode.
My messages log is:

Jan 14 17:57:24 pross-mon01 ipsec_setup: Stopping Openswan IPsec...
Jan 14 17:57:25 pross-mon01 kernel: NET: Unregistered protocol family 15
Jan 14 17:57:25 pross-mon01 ipsec_setup: ...Openswan IPsec stopped
Jan 14 17:57:33 pross-mon01 kernel: NET: Registered protocol family 15
Jan 14 17:57:33 pross-mon01 ipsec_setup: Starting Openswan IPsec U2.6.24/K2.6.18-164.el5...
Jan 14 17:57:33 pross-mon01 ipsec_setup: Using NETKEY(XFRM) stack
Jan 14 17:57:34 pross-mon01 kernel: padlock: VIA PadLock not detected.
Jan 14 17:57:34 pross-mon01 kernel: padlock: VIA PadLock not detected.
Jan 14 17:57:34 pross-mon01 pluto: adjusting ipsec.d to /etc/ipsec.d
Jan 14 17:57:34 pross-mon01 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Jan 14 17:57:34 pross-mon01 ipsec_setup: ...Openswan IPsec started
Jan 14 17:57:34 pross-mon01 ipsec__plutorun: 002 added connection description "iberobrico"
Jan 14 17:57:34 pross-mon01 ipsec__plutorun: 003 NAT-Traversal: Trying new style NAT-T
Jan 14 17:57:34 pross-mon01 ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
Jan 14 17:57:34 pross-mon01 ipsec__plutorun: 003 NAT-Traversal: Trying old style NAT-T
Jan 14 17:57:35 pross-mon01 ipsec__plutorun: 104 "iberobrico" #1: STATE_MAIN_I1: initiate

And my secure log is:

Jan 14 17:57:24 pross-mon01 pluto[23162]: shutting down
Jan 14 17:57:24 pross-mon01 pluto[23162]: forgetting secrets
Jan 14 17:57:24 pross-mon01 pluto[23162]: "iberobrico": deleting connection
Jan 14 17:57:24 pross-mon01 pluto[23162]: "iberobrico" #1: deleting state (STATE_MAIN_I1)
Jan 14 17:57:24 pross-mon01 pluto[23162]: shutting down interface lo/lo ::1:500
Jan 14 17:57:24 pross-mon01 pluto[23162]: shutting down interface lo/lo 127.0.0.1:4500
Jan 14 17:57:24 pross-mon01 pluto[23162]: shutting down interface lo/lo 127.0.0.1:500
Jan 14 17:57:24 pross-mon01 pluto[23162]: shutting down interface eth0/eth0 10.10.100.18:4500
Jan 14 17:57:24 pross-mon01 pluto[23162]: shutting down interface eth0/eth0 10.10.100.18:500
Jan 14 17:57:24 pross-mon01 pluto[23167]: pluto_crypto_helper: helper (0) is  normal exiting
Jan 14 17:57:34 pross-mon01 ipsec__plutorun: Starting Pluto subsystem...
Jan 14 17:57:34 pross-mon01 pluto[23471]: Starting Pluto (Openswan Version 2.6.24; Vendor ID OEU}`hAnwstx) pid:23471
Jan 14 17:57:34 pross-mon01 pluto[23471]: Setting NAT-Traversal port-4500 floating to on
Jan 14 17:57:34 pross-mon01 pluto[23471]:    port floating activation criteria nat_t=1/port_float=1
Jan 14 17:57:34 pross-mon01 pluto[23471]:    NAT-Traversal support  [enabled]
Jan 14 17:57:34 pross-mon01 pluto[23471]: using /dev/urandom as source of random entropy
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
Jan 14 17:57:34 pross-mon01 pluto[23471]: starting up 1 cryptographic helpers
Jan 14 17:57:34 pross-mon01 pluto[23472]: using /dev/urandom as source of random entropy
Jan 14 17:57:34 pross-mon01 pluto[23471]: started helper pid=23472 (fd:7)
Jan 14 17:57:34 pross-mon01 pluto[23471]: Using Linux 2.6 IPsec interface code on 2.6.18-164.el5 (experimental code)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating <NULL>: Ok (ret=0)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_add(): ERROR: Algorithm already exists
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_add(): ERROR: Algorithm already exists
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_add(): ERROR: Algorithm already exists
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_add(): ERROR: Algorithm already exists
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_add(): ERROR: Algorithm already exists
Jan 14 17:57:34 pross-mon01 pluto[23471]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
Jan 14 17:57:34 pross-mon01 pluto[23471]: Changed path to directory '/etc/ipsec.d/cacerts'
Jan 14 17:57:34 pross-mon01 pluto[23471]: Changed path to directory '/etc/ipsec.d/aacerts'
Jan 14 17:57:34 pross-mon01 pluto[23471]: Changed path to directory '/etc/ipsec.d/ocspcerts'
Jan 14 17:57:34 pross-mon01 pluto[23471]: Changing to directory '/etc/ipsec.d/crls'
Jan 14 17:57:34 pross-mon01 pluto[23471]:   Warning: empty directory
Jan 14 17:57:34 pross-mon01 pluto[23471]: added connection description "iberobrico"
Jan 14 17:57:34 pross-mon01 pluto[23471]: listening for IKE messages
Jan 14 17:57:34 pross-mon01 pluto[23471]: NAT-Traversal: Trying new style NAT-T
Jan 14 17:57:34 pross-mon01 pluto[23471]: NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
Jan 14 17:57:34 pross-mon01 pluto[23471]: NAT-Traversal: Trying old style NAT-T
Jan 14 17:57:34 pross-mon01 pluto[23471]: adding interface eth0/eth0 10.10.100.18:500
Jan 14 17:57:34 pross-mon01 pluto[23471]: adding interface eth0/eth0 10.10.100.18:4500
Jan 14 17:57:34 pross-mon01 pluto[23471]: adding interface lo/lo 127.0.0.1:500
Jan 14 17:57:34 pross-mon01 pluto[23471]: adding interface lo/lo 127.0.0.1:4500
Jan 14 17:57:34 pross-mon01 pluto[23471]: adding interface lo/lo ::1:500
Jan 14 17:57:34 pross-mon01 pluto[23471]: loading secrets from "/etc/ipsec.secrets"
Jan 14 17:57:34 pross-mon01 pluto[23471]: loaded private key for keyid: PPK_RSA:AQOQ4DZcb
Jan 14 17:57:35 pross-mon01 pluto[23471]: "iberobrico" #1: initiating Main Mode

Do you know what's happening?

Thanks

[cid:image001.jpg at 01CA9539.E5CBBE90]
Jorge Jiménez Miguélez
Avinguda Diagonal, 605 - 4ª Planta
08028 - Barcelona
Tel.: 902 01 35 34 - Móvil: 669 83 08 76
http://www.pross.com<http://www.pross.com/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20100114/36f2cc7d/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 2147 bytes
Desc: image001.jpg
Url : http://lists.openswan.org/pipermail/users/attachments/20100114/36f2cc7d/attachment-0001.jpg 


More information about the Users mailing list