[Openswan Users] ipsec verify warning

Graeme Peart graemepeart at sbcglobal.net
Sun Jan 16 20:57:51 EST 2011


I've just upgraded from Ubuntu 10.04 to 10.10 and pptp & openswan/l2tp VPN
servers no longer work.  I tried upgrading Openswan from 2.6.26 to 2.6.32
but still no joy.

 

It seems that verify runs some checks not previously done.  Is the warning
listed below something I need to fix?  I haven't managed to find much
information about what this is.

 

sudo ipsec verify

Checking your system to see if IPsec got installed and started correctly:

Version check and ipsec on-path                                   [OK]

Linux Openswan U2.6.32/K2.6.35-24-generic (netkey)

Checking for IPsec support in kernel                              [OK]

 SAref kernel support                                       [N/A]

 NETKEY:  Testing for disabled ICMP send_redirects                  [OK]

NETKEY detected, testing for disabled ICMP accept_redirects    [OK]

Checking that pluto is running                                        [OK]

 Pluto listening for IKE on udp 500                                 [OK]

 Pluto listening for NAT-T on udp 4500                           [OK]

Checking for 'ip' command                                            [OK]

Checking /bin/sh is not /bin/dash
[WARNING]

Checking for 'iptables' command                                   [OK]

Opportunistic Encryption Support                                  [DISABLED]

 

Thanks

Graeme

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110116/9ad5aff1/attachment.html 


More information about the Users mailing list