[Openswan Users] Problem with newly rebuilt Centos box and open Swan

Sean Smith ssmith at nanb.nb.ca
Wed Feb 19 08:50:26 EST 2014 

Hi all. I recently have been rebuilding a new Centos serer to replace an
existing one. 

I use this server as a backup device and then push my backups to a
remote spot via and IPSec VPN tunnel.

 

It has been working. However, my newly built box using the same
configuration file will not connect.

 

My IPSec verify is below.

-------

Verifying installed system and configuration files

Version check and ipsec on-path                       [OK]
Libreswan 3.7 (netkey) on 3.12.7-200.fc19.x86_64
Checking for IPsec support in kernel                  [OK]
 NETKEY: Testing XFRM related proc values
         ICMP default/send_redirects                  [OK]
         ICMP default/accept_redirects                [OK]
         XFRM larval drop                             [OK]
Pluto ipsec.conf syntax                               [OK]
Hardware random device                                [N/A]
Two or more interfaces found, checking IP forwarding    [OK]
Checking rp_filter                                    [OK]
Checking that pluto is running                        [OK]
 Pluto listening for IKE on udp 500                   [OK]
 Pluto listening for IKE/NAT-T on udp 4500            [OK]
 Pluto ipsec.secret syntax                            [OK]
Checking NAT and MASQUERADEing                        [TEST INCOMPLETE]
Checking 'ip' command                                 [OK]
Checking 'iptables' command                           [OK]
Checking 'prelink' command does not interfere with FIPS    [PRESENT]
Checking for obsolete ipsec.conf options              [OK]
Opportunistic Encryption                              [DISABLED]
--------

 

Also, in the secure and messages files I can see that Phase 1 completes,
but it seems to get stuck on EVENT_PENDING_DDNS. It does queue up
EVENT_PENDING_PHASE2 but never gets by the DDNS.

 

Any suggestions are greatl appreciated.

 

Feb 19 09:45:31 localhost pluto[8835]: | * processed 0 messages from
cryptographic helpers
Feb 19 09:45:31 localhost pluto[8835]: | next event EVENT_PENDING_DDNS
in 59 seconds
Feb 19 09:45:31 localhost pluto[8835]: | next event EVENT_PENDING_DDNS
in 59 seconds
Feb 19 09:45:31 localhost pluto[8835]: |
Feb 19 09:45:31 localhost pluto[8835]: | *received whack message
Feb 19 09:45:31 localhost pluto[8835]: initiating all conns with
alias='aliantVPN'
Feb 19 09:45:31 localhost pluto[8835]: | * processed 0 messages from
cryptographic helpers
Feb 19 09:45:31 localhost pluto[8835]: | next event EVENT_PENDING_DDNS
in 59 seconds
Feb 19 09:45:31 localhost pluto[8835]: | next event EVENT_PENDING_DDNS
in 59 seconds
Feb 19 09:45:31 localhost pluto[8835]: | reaped addconn helper child


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140219/ea409522/attachment.html>

More information about the Users mailing list