[Openswan Users] cannot load config '/etc/ipsec.conf'

robert k Wild robertkwild at gmail.com
Thu Nov 3 10:42:27 EDT 2016 

awesome, you are amazing!

who would had thought just an indent would have stopped the config file
from running

[root at vpn ~]# ipsec verify
Verifying installed system and configuration files

Version check and ipsec on-path                         [OK]
Libreswan 3.15 (netkey) on 2.6.32-642.el6.x86_64
Checking for IPsec support in kernel                    [OK]
 NETKEY: Testing XFRM related proc values
         ICMP default/send_redirects                    [NOT DISABLED]

  Disable /proc/sys/net/ipv4/conf/*/send_redirects or NETKEY will act on or
cause sending of bogus ICMP redirects!

         ICMP default/accept_redirects                  [NOT DISABLED]

  Disable /proc/sys/net/ipv4/conf/*/accept_redirects or NETKEY will act on
or cause sending of bogus ICMP redirects!

         XFRM larval drop                               [OK]
Pluto ipsec.conf syntax                                 [OK]
Hardware random device                                  [N/A]
Checking rp_filter                                      [ENABLED]
 /proc/sys/net/ipv4/conf/default/rp_filter              [ENABLED]
 /proc/sys/net/ipv4/conf/lo/rp_filter                   [ENABLED]
 /proc/sys/net/ipv4/conf/eth0/rp_filter                 [ENABLED]
  rp_filter is not fully aware of IPsec and should be disabled
Checking that pluto is running                          [OK]
 Pluto listening for IKE on udp 500                     [OK]
 Pluto listening for IKE/NAT-T on udp 4500              [OK]
 Pluto ipsec.secret syntax                              [OK]
Checking 'ip' command                                   [OK]
Checking 'iptables' command                             [OK]
Checking 'prelink' command does not interfere with FIPSChecking for
obsolete ipsec.conf options                 [OK]
Opportunistic Encryption                                [DISABLED]

ipsec verify: encountered 9 errors - see 'man ipsec_verify' for help
[root at vpn ~]#

i dont know what the 9 errors are but it says everything is ok


On 3 November 2016 at 13:16, Samir Hussain <shussain at xelerance.com> wrote:

> Hello,
>
>   Your conn command is indented which seems to be causing the problem.
> Please remove any spacing/tab so it is at the left most edge.
>
>
>   That should hopefully fix any issues with your config.
>
> Samir
>
> On 2016-11-03 09:03 AM, robert k Wild wrote:
>
> [root at vpn ~]# service ipsec start
> Starting pluto IKE daemon for IPsec: cannot load config '/etc/ipsec.conf':
> /etc/ipsec.conf:14: syntax error, unexpected CONN [conn]
> cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:14: syntax error,
> unexpected CONN [conn]
> unknown stack
> cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:14: syntax error,
> unexpected CONN [conn]
> .....                                                      [FAILED]
> [root at vpn ~]#
>
> On 3 November 2016 at 12:54, Samir Hussain <shussain at xelerance.com> wrote:
>
>> Could you also provide the output when you start the ipsec service please
>>
>>
>> On 2016-11-03 08:51 AM, robert k Wild wrote:
>> > mmm...
>> >
>> > i still getting an error message, not the same but another syntax error
>> >
>>
>>
>
>
> --
> Regards,
>
> Robert K Wild.
>
>
>


-- 
Regards,

Robert K Wild.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20161103/1cb1f4c0/attachment-0001.html>

More information about the Users mailing list