[Openswan Users] Secrets File

Nick Howitt n1ck.h0w1tt at gmail.com
Fri Sep 10 09:32:09 EDT 2010

  If the /etc/ipsec.secrets has a line in it "include 
/etc/ipsec.d/*.secrets" (which it does by default), then by copying it 
to /etc/ipsec.d, you now have a circular reference. Make sure the file 
in /etc/ipsec.d only contains secrets or comments and does not reference 
itself (in other words get rid of the include line).

It looks like the secret you have in /etc/ipsec.secrets is not matching 
so it is going on to check /etc/ipsec.d/*.secrets. If you put your 
secret in /etc/ipsec.secrets you could comment out the include line so 
it never tries /etc/ipsec.d/*.secrets.


On 10/09/2010 02:06, Michael DiMartino wrote:
> My openswan server generates the following error in my log files when
> i try to start
> a site to site vpn using preshared keys.
> ipsec__plutorun: 003 no secrets filename matched "/etc/ipsec.d/*.secrets"
> The  file exists as /etc/ipsec.secrets
> however if I put a copy of the file in /etc/ipsec.d/  the server then
> generates the following error.
> ipsec__plutorun: 003 preshared secrets file "/etc/ipsec.d/*.secrets"
> nested too deeply
> Any help with this will be greatly appreciated.
> Regards,
> Mike
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

More information about the Users mailing list