Hi Andreas,<br>I tried <span style="color: rgb(0, 0, 153);">'ipsec up rw'</span> and with other connections also, but it gives error: <br><div style="margin-left: 40px; color: rgb(0, 0, 153);">"rw": we have no ipsecN interface for either end of this connection<br>
</div><br>My setting for rw connection in ipsec.conf is:<br><div style="margin-left: 40px; color: rgb(0, 0, 153);">conn rw<br> left=192.168.1.21<br> leftsubnet=<a href="http://10.1.0.0/16">10.1.0.0/16</a><br>
leftcert=karmicCert.pem<br> right=%any<br> auto=add<br></div><br>Running 'ifconfig' results in:<br><div style="margin-left: 40px; color: rgb(0, 0, 153);">eth0 Link encap:Ethernet HWaddr 00:0c:29:a4:ce:89 <br>
inet addr:192.168.1.24 Bcast:192.168.1.255 Mask:255.255.255.0<br> inet6 addr: fe80::20c:29ff:fea4:ce89/64 Scope:Link<br> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br> RX packets:1446144 errors:4 dropped:0 overruns:0 frame:0<br>
TX packets:29047 errors:0 dropped:0 overruns:0 carrier:0<br> collisions:0 txqueuelen:1000 <br> RX bytes:685339952 (685.3 MB) TX bytes:7713988 (7.7 MB)<br> Interrupt:18 Base address:0x2000 <br>
<br>eth2 Link encap:Ethernet HWaddr 00:0c:29:a4:ce:93 <br> inet addr:10.1.0.1 Bcast:10.1.255.255 Mask:255.255.0.0<br> inet6 addr: fe80::20c:29ff:fea4:ce93/64 Scope:Link<br> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br>
RX packets:701810 errors:0 dropped:0 overruns:0 frame:0<br> TX packets:33815 errors:0 dropped:0 overruns:0 carrier:0<br> collisions:0 txqueuelen:1000 <br> RX bytes:232827521 (232.8 MB) TX bytes:7517841 (7.5 MB)<br>
Interrupt:16 Base address:0x2080 <br><br>lo Link encap:Local Loopback <br> inet addr:127.0.0.1 Mask:255.0.0.0<br> inet6 addr: ::1/128 Scope:Host<br> UP LOOPBACK RUNNING MTU:16436 Metric:1<br>
RX packets:4 errors:0 dropped:0 overruns:0 frame:0<br> TX packets:4 errors:0 dropped:0 overruns:0 carrier:0<br> collisions:0 txqueuelen:0 <br> RX bytes:240 (240.0 B) TX bytes:240 (240.0 B)<br>
<br>virbr0 Link encap:Ethernet HWaddr ae:7d:8f:49:de:3e <br> inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0<br> inet6 addr: fe80::ac7d:8fff:fe49:de3e/64 Scope:Link<br> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br>
RX packets:0 errors:0 dropped:0 overruns:0 frame:0<br> TX packets:191 errors:0 dropped:0 overruns:0 carrier:0<br> collisions:0 txqueuelen:0 <br> RX bytes:0 (0.0 B) TX bytes:17967 (17.9 KB)<br>
<br></div>I searched for the error, but got nothing specific.<br>Do I need to add a line like '<span style="color: rgb(0, 0, 153);">interfaces=%defaultroute</span>' in ipsec.conf file?<br><br clear="all">Regards<br>
Pankaj Gupta<br>
<br><br><div class="gmail_quote">On Fri, Apr 16, 2010 at 1:26 PM, Andreas Steffen <span dir="ltr"><<a href="mailto:andreas.steffen@strongswan.org">andreas.steffen@strongswan.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Ok, pluto is now successfully starting up so that you can remove<br>
the --nofork option. As a next step you must initiate a connection<br>
either on karmic or on pankaj-desktop with the command<br>
<br>
ipsec up <connection name><br>
<br>
BTW you cannot define leftid=@karmic and rightid=@pankaj-desktop<br>
if these IDs are not contained as subjectAltNames in the certificate<br>
of the respective peer.<br>
<br>
Regards<br><font color="#888888">
<br>
Andreas</font><div class="im"><br>
<br>
On 16.04.2010 08:14, pankaj gupta wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Thanks so much Andreas. I did it and got overwhelming output at console.<br>
I am attaching the output with this mail for your review.<br>
At some places it reports of some plugins not found, but doesnt stop<br>
there. So think those are not creating problem.<br>
There are a lot of signature verification, locking and unlocking of values.<br>
I could not understand if its running fine or not.<br>
<br>
I really appreciate your support in my distress.<br>
<br>
Regards<br>
Pankaj Gupta<br>
</blockquote>
<br></div><div><div></div><div class="h5">
======================================================================<br>
Andreas Steffen <a href="mailto:andreas.steffen@strongswan.org" target="_blank">andreas.steffen@strongswan.org</a><br>
strongSwan - the Linux VPN Solution! <a href="http://www.strongswan.org" target="_blank">www.strongswan.org</a><br>
Institute for Internet Technologies and Applications<br>
University of Applied Sciences Rapperswil<br>
CH-8640 Rapperswil (Switzerland)<br>
===========================================================[ITA-HSR]==<br>
</div></div></blockquote></div><br>