Gentoo Forums
Problem with libreswan
chl
n00b
Joined: 13 May 2003
Posts: 70
Location: Munich

Posted: Fri Nov 21, 2014 8:01 pm    Post subject: Problem with libreswan

I use an IPSEC VPN (PSK and Xauth) to connect to the terminal server in my office.

Due to the masking of openswan I have recently changed to libreswan.

On both computers I use, I have added the conn section (see below) that I used with openswan to the ipsec.conf of libreswan.
ipsec.secret remained unchanged.

Code:

conn office
    type=tunnel
    authby=secret
    auto=start
    ikelifetime=1h
    keylife=1h
    left=%defaultroute
    leftid=192.168.14.20
    right=xxx.xxx.xxx.xxx
    rightsubnet=192.168.13.0/24
    leftxauthclient=yes
    rightxauthserver=yes
    leftxauthusername=xxxxx


On one computer it works perfectly, on the other one I get the following error messages:

Code:

# ipsec setup start             
Redirecting to: systemctl start ipsec.service
# ipsec auto --up office
002 "office" #3: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+XAUTH+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW {using isakmp#1 msgid:4c74d706 proposal=defaults pfsgroup=OAKLEY_GROUP_MODP1536}
117 "office" #3: STATE_QUICK_I1: initiate
003 "office" #3: ignoring informational payload IPSEC_RESPONDER_LIFETIME, msgid=4c74d706, length=28
003 "office" #3: up-host command exited with status 1
032 "office" #3: STATE_QUICK_I1: internal error
003 "office" #3: ignoring informational payload IPSEC_RESPONDER_LIFETIME, msgid=4c74d706, length=28
003 "office" #3: ERROR: netlink response for Add SA esp.ec97eed0@192.168.1.100 included errno 3: No such process
003 "office" #3: Warning: expected to find an existing IPsec SA - continuing as Add SA
003 "office" #3: up-host command exited with status 1
003 "office" #3: ERROR: netlink response for Del SA esp.a4006c20@xxx.xxx.xxx.xxx included errno 3: No such process
032 "office" #3: STATE_QUICK_I1: internal error
003 "office" #3: ignoring informational payload IPSEC_RESPONDER_LIFETIME, msgid=4c74d706, length=28
003 "office" #3: ERROR: netlink response for Add SA esp.ec97eed0@192.168.1.100 included errno 3: No such process
003 "office" #3: Warning: expected to find an existing IPsec SA - continuing as Add SA
003 "office" #3: up-host command exited with status 1
003 "office" #3: ERROR: netlink response for Del SA esp.a4006c20@xxx.xxx.xxx.xxx included errno 3: No such process
032 "office" #3: STATE_QUICK_I1: internal error
.....


Unfortunately I have no idea why it works on one computer but not the other. Any hints?

CHL
_________________
The difficulty in designing something completely foolproof, is not to underestimate the ingenuity of complete fools.