[Openswan Users] openswan -- Not able to open /proc/sys/crypto/fips_enabled
ray at truedays.org
Thu Apr 12 14:31:27 EDT 2012
I'm having trouble setting up a openswan (openswan-2.6.32-10.el6_2.x86_64)
on Centos 6.2 (64-bit) (installed using centos default repo).
This is the output I see when starting:
[root at localhost ~]# service ipsec start
ipsec_setup: Starting Openswan IPsec U2.6.32/K3.2.14...
ipsec_setup: /usr/libexec/ipsec/addconn Not able to open
/proc/sys/crypto/fips_enabled, returning non-fips mode
Additionally I can't seem to solve the [failed]'s in ipsec verify:
[root at localhost ~]# ipsec verify #(OKs edited out)
Checking your system to see if IPsec got installed and started correctly:
SAref kernel support [N/A]
Pluto listening for NAT-T on udp 4500 [FAILED]
Two or more interfaces found, checking IP forwarding [FAILED]
What's worse is I don't know what issue if any is a fail point, or if
they're simply warning-ish fails, where I can safely proceed.
2 servers cento6.2-x64 with mirrored setup
Currently both servers are right next to each other, but eventually they'll
be at two different geographical locations, not nat'ed eth0 public facing,
eth0 (192.168.5.[110,120]) -> router -> internet
eth1 (10.0.5.[110,120]) -> directly connected to each other (crossover)
end-goal: l2tpv3 tunnel over ipsec
ipsec familiarity=nil :-[
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users