[Openswan Users] IPSec: 021 no connection named

Harsh Vardhan Srivastava harsh.020688 at gmail.com
Wed Oct 29 04:55:40 EDT 2014 

Hi,

I am running Openswan 2.6.37 on a custom ARM board (OMAP4) running Ubuntu
Core.
Since its a minimalistic version of Ununtu, not all commands run the way
they do in Desktop Ubuntu. I had to use scripts provided in
/usr/local/lib/ipsec/. For example instead of ipsec setup --start I had
used ipsec _realsetup --start.

Anyways I have issued following commands:
1) ipsec _startnetkey
2) ipsec _realsetup --start
3) ipsec _plutorun

After this the ipsec _realsetup --status gives me:
IPsec running  - pluto pid: 4798
pluto pid 4798
No tunnels up

Which should be followed by ipsec auto --add simpleIPSec and subsequently
by ipsec auto --up simpleIPSec but these commands give me:
root at localhost:~# ipsec auto --add simpleIPSec
Illegal instruction
----------------------------------------------------------------------------------------------------------------
root at localhost:~# ipsec auto --up
simpleIPSec

pluto[4798]: initiating all conns with alias='simpleIPSec'
000 initiating all conns with alias='simpleIPSec'
021 no connection named "simpleIPSec"
----------------------------------------------------------------------------------------------------------------
root at localhost:~# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                 [OK]
Linux Openswan U2.6.37/K3.10.12-svn149 (netkey)
Checking for IPsec support in kernel                            [OK]
 SAref kernel support                                           [N/A]
 NETKEY:  Testing XFRM related proc values                      [OK]
        [OK]
        [OK]
Checking that pluto is running                                  [OK]
 Pluto listening for IKE on udp 500                          [OK]
 Pluto listening for NAT-T on udp 4500                          [FAILED]
Two or more interfaces found, checking IP forwarding            [FAILED]
Checking NAT and MASQUERADEing                                  [OK]
Checking for 'ip' command                                       [OK]
Checking /bin/sh is not /bin/dash                               [WARNING]
Checking for 'iptables' command                                 [OK]
Opportunistic Encryption Support                                [DISABLED]
------------------------------------------------------------------------------------------------------------------

1) I did some scavenging in add script for adding the connections, but
couldn't figure it out. I believe it requires some other command to add and
up the connection.
2) Or the system is not picking up the right ipsec.config, since that only
explains "021 no connection named "simpleIPSec" ". But I did *ipsec barf*
and it gave me the ipsec.config containing simpleIPSec connection.
3) Will it help me if I resolve the two errors I received in *ipsec verify*.

Please let me know if you have any pointers on this one.

-- 
Regards
Harsh Vardhan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20141029/887b77ea/attachment.html>

More information about the Users mailing list