Re: ipsec
On Thu, Aug 12, 2004 at 08:22:01AM +0200, Frédéric BOITEUX wrote:
> Le Tue, 10 Aug 2004 23:42:02 +0200, f1sxo <f1sxo@ref-union.org> a écrit :
> > Un ipsec restart me donne ce message d'erreur :
> > ipsec_setup: (/etc/ipsec.conf, line 25) section header
> > "rightrsasigkey=xxxxxxxxxxxxxxxxxxxxxxxxxxxxv"
> > has wrong number of fields (1) -- `restart' aborted
> >
> > Une idée du pb ?
J'ai trouvé une première reponse : il manquait un espace sur la ligne
25.
> Quel soft utilise-tu ? Freeswan ? Openswan ? autre ?
Freeswan 2.04-11
> de mise au point ?
Mise au point
Par contre ipsec barf n'est pas du tout content :-(
Aug 12 18:35:22 fred3 ipsec__plutorun: 003 "/etc/ipsec.secrets" line 10:
premature end of RSA key
Aug 12 18:35:22 fred3 ipsec__plutorun: 003 ERROR "/etc/ipsec.secrets"
line 10: index "/tmp/ipsec-postinst.JSKPPL" illegal (non-DNS-name)
character in name
line 10: index "/tmp/ipsec-postinst.JSKPPL" illegal (non-DNS-name)
character in name
Aug 12 18:35:22 fred3 ipsec__plutorun: 003 ERROR "/etc/ipsec.secrets"
line 11: index "}" illegal (non-DNS-name) character in name
Aug 12 18:35:22 fred3 ipsec__plutorun: 003 "/etc/ipsec.secrets" line 11:
unexpected end of id list
Aug 12 18:35:22 fred3 ipsec__plutorun: 003 "packetdefault": ERROR:
netlink XFRM_MSG_NEWPOLICY response for flow %trap included errno 17:
File exists
Aug 12 18:35:22 fred3 ipsec__plutorun: 025 "packetdefault": could not
route
Aug 12 18:35:22 fred3 ipsec__plutorun: ...could not route conn
"packetdefault"
Aug 12 18:35:22 fred3 pluto[11417]: "packetdefault": ERROR: netlink
XFRM_MSG_NEWPOLICY response for flow %trap included errno 17: File
exists
Aug 12 18:43:17 fred3 pluto[11417]: ERROR: netlink XFRM_MSG_DELPOLICY
response for flow int.0@0.0.0.0 included errno 2: No such file or
directory
ipsec.conf :
conn F1SXOtoF6HQZ
authby=rsasig
left=%defaultroute
leftsubnet=44.151.131.128/25
left=%defaultroute
leftsubnet=44.151.131.128/25
leftfirewall=yes
leftrsasigkey=
leftid=@F1SXO
right=212.180.113.45
rightsubnet=44.151.177.64/27
rightfirewall=yes
rightrsasigkey=xxxxxxxxxxxx
rightid=@F6HQZ
esp=3des-md5-96
auto=add
ipsec.secrets :
: RSA {
/tmp/ipsec-postinst.JSKPPL
}
--
Frédéric Zulian
f1sxo
Reply to:
- Follow-Ups:
- Re: ipsec
- From: Frédéric BOITEUX <fboiteux@calistel.com>
- References:
- ipsec
- From: f1sxo <f1sxo@ref-union.org>
- Re: ipsec
- From: Frédéric BOITEUX <fboiteux@calistel.com>