schrippe
15.03.04, 11:56
hi,
habe nach folgendem howto meine clientseite eingerichtet,
http://www2.eng.cam.ac.uk/~tpl/ipsec-x509.php.html#clientfswan
doch nur bekomme ich bei ipsec barf, das er mir keine connection erstellt die man anfahren könnte.
er läd alle files, die er brauch, auch die richtigen cert files, doch no conn.
hier mein ipsec barf:
Mar 15 12:37:17 localhost ipsec__plutorun: Starting Pluto subsystem...
Mar 15 12:37:17 localhost pluto[5927]: Starting Pluto (Openswan Version 1.0.1)
Mar 15 12:37:17 localhost pluto[5927]: including X.509 patch with traffic selectors (Version 0.9.37)
Mar 15 12:37:17 localhost pluto[5927]: including NAT-Traversal patch (Version 0.6) [disabled]
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_CAST_CBC: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_SSH_PRIVATE_65289: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: Changing to directory '/etc/ipsec.d/cacerts'
Mar 15 12:37:17 localhost pluto[5927]: loaded cacert file 'cacert.pem' (1586 bytes)
Mar 15 12:37:17 localhost pluto[5927]: Changing to directory '/etc/ipsec.d/crls'
Mar 15 12:37:17 localhost pluto[5927]: loaded crl file 'crl.pem' (674 bytes)
Mar 15 12:37:17 localhost pluto[5927]: OpenPGP certificate file '/etc/pgpcert.pgp' not found
Mar 15 12:37:17 localhost pluto[5927]: listening for IKE messages
Mar 15 12:37:17 localhost pluto[5927]: adding interface ipsec0/eth0 192.168.20.9
Mar 15 12:37:17 localhost pluto[5927]: loading secrets from "/etc/ipsec.secrets"
Mar 15 12:37:17 localhost pluto[5927]: loaded private key file '/etc/ipsec.d/private/linux.key' (2833 bytes)
mehr kommt nicht
habe in der conn section bei right=%defaultroute drinstehen. wenn ich das auf %any ändere erstellt er eine connection. dann kommt folgendes bei
~#ipsec auto --up roadwarrior
022 "roadwarrior": we have no ipsecN interface for either end of this connection
habe nach folgendem howto meine clientseite eingerichtet,
http://www2.eng.cam.ac.uk/~tpl/ipsec-x509.php.html#clientfswan
doch nur bekomme ich bei ipsec barf, das er mir keine connection erstellt die man anfahren könnte.
er läd alle files, die er brauch, auch die richtigen cert files, doch no conn.
hier mein ipsec barf:
Mar 15 12:37:17 localhost ipsec__plutorun: Starting Pluto subsystem...
Mar 15 12:37:17 localhost pluto[5927]: Starting Pluto (Openswan Version 1.0.1)
Mar 15 12:37:17 localhost pluto[5927]: including X.509 patch with traffic selectors (Version 0.9.37)
Mar 15 12:37:17 localhost pluto[5927]: including NAT-Traversal patch (Version 0.6) [disabled]
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_CAST_CBC: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: ike_alg_register_enc(): Activating OAKLEY_SSH_PRIVATE_65289: Ok (ret=0)
Mar 15 12:37:17 localhost pluto[5927]: Changing to directory '/etc/ipsec.d/cacerts'
Mar 15 12:37:17 localhost pluto[5927]: loaded cacert file 'cacert.pem' (1586 bytes)
Mar 15 12:37:17 localhost pluto[5927]: Changing to directory '/etc/ipsec.d/crls'
Mar 15 12:37:17 localhost pluto[5927]: loaded crl file 'crl.pem' (674 bytes)
Mar 15 12:37:17 localhost pluto[5927]: OpenPGP certificate file '/etc/pgpcert.pgp' not found
Mar 15 12:37:17 localhost pluto[5927]: listening for IKE messages
Mar 15 12:37:17 localhost pluto[5927]: adding interface ipsec0/eth0 192.168.20.9
Mar 15 12:37:17 localhost pluto[5927]: loading secrets from "/etc/ipsec.secrets"
Mar 15 12:37:17 localhost pluto[5927]: loaded private key file '/etc/ipsec.d/private/linux.key' (2833 bytes)
mehr kommt nicht
habe in der conn section bei right=%defaultroute drinstehen. wenn ich das auf %any ändere erstellt er eine connection. dann kommt folgendes bei
~#ipsec auto --up roadwarrior
022 "roadwarrior": we have no ipsecN interface for either end of this connection