Gentoo Forums
IPsec doesn't want to tunnel up
slashlinux
Posted: Thu Sep 12, 2013 7:44 am    Post subject: IPsec doesn't want to tunnel up

Hello dear people,

I have a problem with my ipsec/openswan on my Gentoo 8O ; it doesn't want to tunnel up and I have more errors.

My OS is :

Code:
cat /etc/*release
Gentoo Base System release 2.2
DISTRIB_ID="Gentoo"
NAME=Gentoo
ID=gentoo
PRETTY_NAME="Gentoo/Linux"
ANSI_COLOR="1;32"
HOME_URL="http://www.gentoo.org/"
SUPPORT_URL="http://www.gentoo.org/main/en/support.xml"
BUG_REPORT_URL="https://bugs.gentoo.org/"



My ipsec version is:

Code:
Linux Openswan U2.6.38/K3.8.13-gentoo (netkey)



Problem with ipsec:


Code:
Version check and ipsec on-path                                 [OK]
Linux Openswan U2.6.38/K3.8.13-gentoo (netkey)
Checking for IPsec support in kernel                            [OK]
 SAref kernel support                                           [N/A]
 NETKEY:  Testing XFRM related proc values                      [OK]
        [OK]
        [OK]
Checking that pluto is running                                  [OK]
 Pluto listening for IKE on udp 500                             [OK]
 Pluto listening for NAT-T on udp 4500                          [OK]
Two or more interfaces found, checking IP forwarding            [FAILED]
Checking NAT and MASQUERADEing                                  [OK]
Checking for 'ip' command                                       [OK]
Checking /bin/sh is not /bin/dash                               [OK]
Checking for 'iptables' command                                 [OK]
Opportunistic Encryption Support                                [DISABLED]



Code:
 /etc/init.d/ipsec status
IPsec running  - pluto pid: 7173
pluto pid 7173
No tunnels up



In logs I have the following:

Code:
packet from 192.168.1.1:500: initial Main Mode message received on 193.169.2.178:500 but no connection has been authorized



The forwarding is activated :

Code:
# cat  /proc/sys/net/ipv4/ip_forward
1



What can I do now? Can you help me, please?





I found the problem: I scanned port 500 and it looks like this:

Code:
PORT     STATE         SERVICE
500/udp open|filtered isakmp




Normally it should be like this:


Code:
PORT    STATE SERVICE
500/udp open  isakmp



How can I open this port?

Thank you
thegeezer
Posted: Tue Sep 17, 2013 8:39 pm

what device is on the other end?
have you configured /etc/ipsec.secrets?
what is in your /etc/ipsec.conf?

the error "packet from 192.168.1.1:500: initial Main Mode message received on 193.169.2.178:500 but no connection has been authorized" says the other side was trying to call you but you have not configured to respond to it

re: the port being filtered, it's dependent on the device on the other end
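An added example (not from either poster and not Openswan code) of the check the reply points to: it pulls the local and peer addresses out of pluto's "no connection has been authorized" line and reports, for each `conn` in an ipsec.conf, whether its `left`/`right` pair covers them and whether `auto=` loads it. The ipsec.conf text and conn names are constructed, and the matching is a simplified stand-in for pluto's own lookup that handles only literal addresses, `%any` and `%defaultroute`.

```python
import re

# Log line as quoted in the thread; ipsec.conf text and conn names are constructed.
LOG_LINE = ("packet from 192.168.1.1:500: initial Main Mode message received "
            "on 193.169.2.178:500 but no connection has been authorized")
SAMPLE_CONF = """\
# hypothetical conn with the wrong peer address
conn office
    left=193.169.2.178
    right=192.168.1.254
    auto=add
# hypothetical conn with the right peer, but never loaded
conn branch
    left=193.169.2.178
    right=192.168.1.1
    auto=ignore
"""
LOG_RE = re.compile(r"packet from ([\d.]+):\d+: initial Main Mode message "
                    r"received on ([\d.]+):\d+ but no connection has been authorized")

def parse_rejection(line):  # -> (local, peer), or None if the line is something else
    m = LOG_RE.search(line)
    return (m.group(2), m.group(1)) if m else None

def parse_conns(text):  # -> {conn name: {key: value}}; other sections are skipped
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if line and not line[0].isspace():        # unindented line opens a section
            kind, _, name = line.partition(" ")
            current = conns.setdefault(name.strip(), {}) if kind == "conn" else None
        elif current is not None and "=" in line:
            key, _, value = line.strip().partition("=")
            current[key.strip()] = value.strip()
    return conns

def diagnose(conns, local, peer):  # simplified stand-in for pluto's conn lookup
    report = {}
    for name, c in conns.items():
        ends = (c.get("left"), c.get("right"))
        paired = any(a in (local, "%defaultroute") and b in (peer, "%any")
                     for a, b in (ends, ends[::-1]))   # either end may be "us"
        if not paired:
            report[name] = "addresses do not match"
        elif c.get("auto", "ignore") == "ignore":      # ignore is the default
            report[name] = "matches but not loaded (auto=ignore)"
        else:
            report[name] = "should answer"
    return report
```

Calling `diagnose(parse_conns(SAMPLE_CONF), *parse_rejection(LOG_LINE))` on the constructed file reports that neither conn would answer the peer from the log line.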