[strongSwan] Problem configuring strongSwan

pankaj gupta beckman16 at gmail.com
Mon Apr 19 10:00:03 CEST 2010


Hi Andreas,
I tried 'ipsec up rw' and with other connections also, but it gives error:
"rw": we have no ipsecN interface for either end of this connection

My setting for rw connection in ipsec.conf is:
conn rw
        left=192.168.1.21
        leftsubnet=10.1.0.0/16
        leftcert=karmicCert.pem
        right=%any
        auto=add

Running 'ifconfig' results in:
eth0      Link encap:Ethernet  HWaddr 00:0c:29:a4:ce:89
          inet addr:192.168.1.24  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fea4:ce89/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1446144 errors:4 dropped:0 overruns:0 frame:0
          TX packets:29047 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:685339952 (685.3 MB)  TX bytes:7713988 (7.7 MB)
          Interrupt:18 Base address:0x2000

eth2      Link encap:Ethernet  HWaddr 00:0c:29:a4:ce:93
          inet addr:10.1.0.1  Bcast:10.1.255.255  Mask:255.255.0.0
          inet6 addr: fe80::20c:29ff:fea4:ce93/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:701810 errors:0 dropped:0 overruns:0 frame:0
          TX packets:33815 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:232827521 (232.8 MB)  TX bytes:7517841 (7.5 MB)
          Interrupt:16 Base address:0x2080

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:4 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:240 (240.0 B)  TX bytes:240 (240.0 B)

virbr0    Link encap:Ethernet  HWaddr ae:7d:8f:49:de:3e
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          inet6 addr: fe80::ac7d:8fff:fe49:de3e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:191 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:17967 (17.9 KB)

I searched for the error, but got nothing specific.
Do I need to add a line like 'interfaces=%defaultroute' in ipsec.conf file?

Regards
Pankaj Gupta


On Fri, Apr 16, 2010 at 1:26 PM, Andreas Steffen <
andreas.steffen at strongswan.org> wrote:

> Ok, pluto is now successfully starting up so that you can remove
> the --nofork option. As a next step you must initiate a connection
> either on karmic or on pankaj-desktop with the command
>
>  ipsec up <connection name>
>
> BTW you cannot define leftid=@karmic and rightid=@pankaj-desktop
> if these IDs are not contained as subjectAltNames in the certificate
> of the respective peer.
>
> Regards
>
> Andreas
>
>
> On 16.04.2010 08:14, pankaj gupta wrote:
>
>> Thanks so much Andreas. I did it and got overwhelming output at console.
>> I am attaching the output with this mail for your review.
>> At some places it reports of some plugins not found, but doesnt stop
>> there. So think those are not creating problem.
>> There are a lot of signature verification, locking and unlocking of
>> values.
>> I could not understand if its running fine or not.
>>
>> I really appreciate your support in my distress.
>>
>> Regards
>> Pankaj Gupta
>>
>
> ======================================================================
> Andreas Steffen                         andreas.steffen at strongswan.org
> strongSwan - the Linux VPN Solution!                www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
> ===========================================================[ITA-HSR]==
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20100419/5097706c/attachment.html>


More information about the Users mailing list