Title: IPsec - Is it working for you? Post by: kmichal on Friday 04 September 2009, 11:49:54 pm I'm at the end of my rope here.
I have two boxes each with Endian 2.2 final. When I try to create an IPsec (PSK) connection between them (same exact default settings) It does not connect at all Sep 4 09:42:19 gateway ipsec_setup: ...Openswan IPsec started Sep 4 09:42:19 gateway ipsec_setup: Restarting Openswan IPsec 2.4.13... Sep 4 09:42:19 gateway pluto[10310]: | Sep 4 09:42:19 gateway pluto[10310]: | *received whack message Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=aes aalg_buf=shaeklen=128 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9684, "OAKLEY_AES") Sep 4 09:42:19 gateway pluto[10310]: | enum_search_ppfixi () calling enum_search(0x80c9684, "OAKLEY_AES_CBC") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("aes")=7 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9648, "OAKLEY_SHA") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("sha")=2 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c956c, "OAKLEY_GROUP_MODP1536") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() modp_getbyname("modp1536")=5 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_ike_add() ealg=7 aalg=2 modp_id=5, cnt=1 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=aes aalg_buf=shaeklen=128 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9684, "OAKLEY_AES") Sep 4 09:42:19 gateway pluto[10310]: | enum_search_ppfixi () calling enum_search(0x80c9684, "OAKLEY_AES_CBC") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("aes")=7 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9648, "OAKLEY_SHA") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("sha")=2 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c956c, "OAKLEY_GROUP_MODP1024") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() modp_getbyname("modp1024")=2 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_ike_add() ealg=7 aalg=2 modp_id=2, cnt=2 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=aes aalg_buf=md5eklen=128 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9684, "OAKLEY_AES") Sep 4 09:42:19 gateway pluto[10310]: | enum_search_ppfixi () calling enum_search(0x80c9684, "OAKLEY_AES_CBC") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("aes")=7 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9648, "OAKLEY_MD5") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("md5")=1 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c956c, "OAKLEY_GROUP_MODP1536") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() modp_getbyname("modp1536")=5 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_ike_add() ealg=7 aalg=1 modp_id=5, cnt=3 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=aes aalg_buf=md5eklen=128 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9684, "OAKLEY_AES") Sep 4 09:42:19 gateway pluto[10310]: | enum_search_ppfixi () calling enum_search(0x80c9684, "OAKLEY_AES_CBC") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("aes")=7 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9648, "OAKLEY_MD5") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("md5")=1 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c956c, "OAKLEY_GROUP_MODP1024") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() modp_getbyname("modp1024")=2 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_ike_add() ealg=7 aalg=1 modp_id=2, cnt=4 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=3des aalg_buf=shaeklen=0 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9684, "OAKLEY_3DES") Sep 4 09:42:19 gateway pluto[10310]: | enum_search_ppfixi () calling enum_search(0x80c9684, "OAKLEY_3DES_CBC") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("3des")=5 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9648, "OAKLEY_SHA") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("sha")=2 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c956c, "OAKLEY_GROUP_MODP1536") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() modp_getbyname("modp1536")=5 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_ike_add() ealg=5 aalg=2 modp_id=5, cnt=5 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=3des aalg_buf=shaeklen=0 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9684, "OAKLEY_3DES") Sep 4 09:42:19 gateway pluto[10310]: | enum_search_ppfixi () calling enum_search(0x80c9684, "OAKLEY_3DES_CBC") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("3des")=5 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9648, "OAKLEY_SHA") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("sha")=2 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c956c, "OAKLEY_GROUP_MODP1024") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() modp_getbyname("modp1024")=2 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_ike_add() ealg=5 aalg=2 modp_id=2, cnt=6 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=3des aalg_buf=md5eklen=0 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9684, "OAKLEY_3DES") Sep 4 09:42:19 gateway pluto[10310]: | enum_search_ppfixi () calling enum_search(0x80c9684, "OAKLEY_3DES_CBC") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("3des")=5 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9648, "OAKLEY_MD5") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("md5")=1 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c956c, "OAKLEY_GROUP_MODP1536") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() modp_getbyname("modp1536")=5 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_ike_add() ealg=5 aalg=1 modp_id=5, cnt=7 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=3des aalg_buf=md5eklen=0 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9684, "OAKLEY_3DES") Sep 4 09:42:19 gateway pluto[10310]: | enum_search_ppfixi () calling enum_search(0x80c9684, "OAKLEY_3DES_CBC") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("3des")=5 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9648, "OAKLEY_MD5") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("md5")=1 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c956c, "OAKLEY_GROUP_MODP1024") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() modp_getbyname("modp1024")=2 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_ike_add() ealg=5 aalg=1 modp_id=2, cnt=8 Sep 4 09:42:19 gateway pluto[10310]: | Added new connection njhccriovista with policy PSK+ENCRYPT+TUNNEL+PFS Sep 4 09:42:19 gateway pluto[10310]: | from whack: got --esp=aes128-sha1,aes128-md5,3des-sha1,3des-md5 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=aes aalg_buf=sha1eklen=128 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9aac, "ESP_AES") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("aes")=12 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9860, "AUTH_ALGORITHM_HMAC_SHA1") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("sha1")=2 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_esp_add() ealg=12 aalg=2 cnt=1 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=aes aalg_buf=md5eklen=128 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9aac, "ESP_AES") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("aes")=12 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9860, "AUTH_ALGORITHM_HMAC_MD5") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("md5")=1 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_esp_add() ealg=12 aalg=1 cnt=2 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=3des aalg_buf=sha1eklen=0 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9aac, "ESP_3DES") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("3des")=3 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9860, "AUTH_ALGORITHM_HMAC_SHA1") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("sha1")=2 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_esp_add() ealg=3 aalg=2 cnt=3 Sep 4 09:42:19 gateway pluto[10310]: | alg_info_parse_str() ealg_buf=3des aalg_buf=md5eklen=0 aklen=0 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9aac, "ESP_3DES") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() ealg_getbyname("3des")=3 Sep 4 09:42:19 gateway pluto[10310]: | enum_search_prefix () calling enum_search(0x80c9860, "AUTH_ALGORITHM_HMAC_MD5") Sep 4 09:42:19 gateway pluto[10310]: | parser_alg_info_add() aalg_getbyname("md5")=1 Sep 4 09:42:19 gateway pluto[10310]: | __alg_info_esp_add() ealg=3 aalg=1 cnt=4 Sep 4 09:42:19 gateway pluto[10310]: | esp string values: AES(12)_128-SHA1(2), AES(12)_128-MD5(1), 3DES(3)_000-SHA1(2), 3DES(3)_000-MD5(1); flags=strict Sep 4 09:42:19 gateway pluto[10310]: | from whack: got --ike=aes128-sha-modp1536,aes128-sha-modp1024,aes128-md5-modp1536,aes128-md5-modp1024,3des-sha-modp1536,3des-sha-modp1024,3des-md5-modp1536,3des-md5-modp1024 Sep 4 09:42:19 gateway pluto[10310]: ASSERTION FAILED at alg_info.c:844: buflen >= 0 Sep 4 09:42:19 gateway pluto[10310]: %myid = (none) Sep 4 09:42:19 gateway pluto[10310]: debug crypt+parsing+emitting+control+klips+dns+nattraversal Sep 4 09:42:19 gateway pluto[10310]: Sep 4 09:42:19 gateway pluto[10310]: algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=64, keysizemin=192, keysizemax=192 Sep 4 09:42:19 gateway pluto[10310]: algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=128, keysizemin=128, keysizemax=256 Sep 4 09:42:19 gateway pluto[10310]: algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128 Sep 4 09:42:19 gateway pluto[10310]: algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160 Sep 4 09:42:19 gateway ipsec__plutorun: /usr/lib/ipsec/_plutorun: line 237: 10310 Aborted /usr/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec/ipsec.secrets --ipsecdir /etc/ipsec/ipsec.d --debug-crypt --debug-parsing --debug-emitting --debug-control --debug-klips --debug-dns --debug-nat_t --use-auto --uniqueids --nat_traversal --virtual_private '%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!172.20.20.0/24,%v4:!10.12.0.0/16' Sep 4 09:42:19 gateway pluto[10310]: Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192 Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128 Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16 Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20 Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024 Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536 Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048 Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072 Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096 Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144 Sep 4 09:42:19 gateway pluto[10310]: algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192 Sep 4 09:42:19 gateway pluto[10310]: Sep 4 09:42:19 gateway pluto[10310]: stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0} Sep 4 09:42:19 gateway pluto[10310]: Sep 4 09:42:19 gateway pluto[10310]: Sep 4 09:42:19 gateway pluto[10310]: Sep 4 09:42:19 ipsec__plutorun: 003 ASSERTION FAILED at alg_info.c:844 buflen >= 0 Sep 4 09:42:19 ipsec__plutorun 000 %myid = (none) Sep 4 09:42:19 ipsec__plutorun 000 debug crypt+parsing+emitting+control+klips+dns+nattraversal Sep 4 09:42:19 ipsec__plutorun 000 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm ESP encrypt id=3, name=ESP_3DES, ivlen=64, keysizemin=192, keysizemax=192 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm ESP encrypt id=12, name=ESP_AES, ivlen=128, keysizemin=128, keysizemax=256 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm ESP auth attr id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm ESP auth attr id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160 Sep 4 09:42:19 ipsec__plutorun 000 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE encrypt id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE encrypt id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE hash id=1, name=OAKLEY_MD5, hashsize=16 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE hash id=2, name=OAKLEY_SHA1, hashsize=20 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE dh group id=2, name=OAKLEY_GROUP_MODP1024, bits=1024 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE dh group id=5, name=OAKLEY_GROUP_MODP1536, bits=1536 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE dh group id=14, name=OAKLEY_GROUP_MODP2048, bits=2048 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE dh group id=15, name=OAKLEY_GROUP_MODP3072, bits=3072 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE dh group id=16, name=OAKLEY_GROUP_MODP4096, bits=4096 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE dh group id=17, name=OAKLEY_GROUP_MODP6144, bits=6144 Sep 4 09:42:19 ipsec__plutorun: 000 algorithm IKE dh group id=18, name=OAKLEY_GROUP_MODP8192, bits=8192 Sep 4 09:42:19 ipsec__plutorun 000 Sep 4 09:42:19 ipsec__plutorun: 000 stats db_ops.c {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0} Sep 4 09:42:19 ipsec__plutorun 000 Sep 4 09:42:19 ipsec__plutorun 000 Sep 4 09:42:19 ipsec__plutorun 000 Sep 4 09:42:19 ipsec__plutorun ...could not add conn "mycon" Sep 4 09:42:19 ipsec__plutorun: whack is Pluto running? connect() for "/var/run/pluto/pluto.ctl" failed (111 Connection refused) Sep 4 09:42:19 ipsec__plutorun: whack is Pluto running? connect() for "/var/run/pluto/pluto.ctl" failed (111 Connection refused) Sep 4 09:42:19 ipsec__plutorun ...could not route conn "mycon" Sep 4 09:42:19 ipsec__plutorun: whack is Pluto running? connect() for "/var/run/pluto/pluto.ctl" failed (111 Connection refused) Sep 4 09:42:19 ipsec__plutorun: !pluto failure! exited with error status 134 (signal 6) Sep 4 09:42:19 ipsec__plutorun restarting IPsec after pause... The only errors I'm seeing are Sep 4 09:42:19 gateway ipsec__plutorun: /usr/lib/ipsec/_plutorun: line 237: 10310 Aborted /usr/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec/ipsec.secrets --ipsecdir /etc/ipsec/ipsec.d --debug-crypt --debug-parsing --debug-emitting --debug-control --debug-klips --debug-dns --debug-nat_t --use-auto --uniqueids --nat_traversal --virtual_private '%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!172.20.20.0/24,%v4:!10.12.0.0/16' Sep 4 09:42:19 ipsec__plutorun: 003 AS SERTION FAILED at alg_info.c:844 buflen >= 0 So the main question I have is...IS IPsec WORKING AT ALL? Title: [SOLVED] Re: IPsec - Is it working for you? Post by: kmichal on Tuesday 08 September 2009, 03:45:22 pm Replaced Endian Firewall with pfSense.
IPsec work great now. Title: Re: IPsec - Is it working for you? Post by: intuitiv on Tuesday 29 September 2009, 04:32:33 pm Hi,
I have the same strange behaviour. Extract from messages: -------------------------------- Sep 29 08:20:50 efw-212 ipsec__plutorun: 000 Sep 29 08:20:50 efw-212 ipsec__plutorun: 000 Sep 29 08:20:50 efw-212 ipsec__plutorun: 000 Sep 29 08:20:50 efw-212 ipsec__plutorun: ...could not add conn "test" Sep 29 08:20:50 efw-212 ipsec__plutorun: whack: is Pluto running? connect() for "/var/run/pluto/pluto.ctl" failed (111 Connection refused) Sep 29 08:20:50 efw-212 dhcpd: DHCPDISCOVER from 00:22:b0:6f:77:14 via br0: network GREEN: no free leases Sep 29 08:20:50 efw-212 ipsec__plutorun: whack: is Pluto running? connect() for "/var/run/pluto/pluto.ctl" failed (111 Connection refused) Sep 29 08:20:50 efw-212 ipsec__plutorun: ...could not route conn "test" Sep 29 08:20:50 efw-212 ipsec__plutorun: whack: is Pluto running? connect() for "/var/run/pluto/pluto.ctl" failed (111 Connection refused) Sep 29 08:20:50 efw-212 ipsec__plutorun: !pluto failure!: exited with error status 134 (signal 6) Sep 29 08:20:50 efw-212 ipsec__plutorun: restarting IPsec after pause... --------------------------------- Are there any issues running openvpn together with IPSEC on the machine? Any solutions out there? (I do not want to switch to another product...) Thanks in advance. Stefan / intuitiv Title: Re: IPsec - Is it working for you? Post by: ad.aimm on Thursday 29 October 2009, 04:26:28 am hi,
endian 2.2 and 2.3 rc1 static uplink ipsec roadwarrior : works (tested with shrew and greenbow) static uplink ipsec lan to lan : not tested endian 2.2 and 2.3 rc1 pppoe uplink ipsec roadwarrior : doesn't work (tested with shrew and greenbow) pppoe uplink ipsec lan to lan between zyxel and endian : doesn't work endian 2.3 static uplink ipsec roadwarrior : not tested static uplink ipsec lan to lan : not tested endian 2.3 pppoe uplink ipsec roadwarrior : works (tested with shrew and greenbow) pppoe uplink ipsec lan to lan between zyxel and endian : phase1 : ok / phase 2 : failed (dunno why) ipsec lan to lan between endian and endian : doesn't work (probably my fault) to finish stranges issues with ipsec. good luck guys |