[Openswan Users] esp string error: enc_alg not found

Steve Zeng SteveZ at airg.com
Mon May 17 12:57:05 EDT 2010

Great! The hand-shaking seems working...

May 17 16:50:00 fw1 ipsec__plutorun: 002 added connection description "ec2-tunnel-01"
May 17 16:50:00 fw1 ipsec__plutorun: 104 "ec2-tunnel-01" #1: STATE_MAIN_I1: initiate

However, I do not see the tunnel interface yet when I run ifconfig. Do I need to create the tunnel interface manually? I see the following errors when I run " ipsec auto --status":

000 virtual_private (%priv):
000 - allowed 0 subnets:
000 - disallowed 0 subnets:
000 WARNING: Either virtual_private= was not specified, or there was a syntax
000          error in that line. 'left/rightsubnet=%priv' will not work!

Thanks a lot. 


-----Original Message-----
From: Paul Wouters [mailto:paul at xelerance.com] 
Sent: May 15, 2010 9:14 AM
To: Steve Zeng
Cc: users at openswan.org
Subject: Re: [Openswan Users] esp string error: enc_alg not found

On Fri, 14 May 2010, Steve Zeng wrote:

>  - Encryption Algorithm     : aes-128-cbc

>        ike=            AES_CBC_128-SHA1-MODP1024
>        esp=            AES_CBC_128-HMAC_SHA1_96-MODP1024

Use ike=aes128-sha1-modp1024 and esp=aes128-sha1

Do not use capitals.


More information about the Users mailing list