[Swan] R: R: Installing klips
Antonio Scattolini
antonio.scattolini at atpesercizio.it
Tue Mar 17 11:27:48 EET 2015
Netkey (protostack=netkey) has:
Pluto listening for IKE on udp 500 [OK]
Pluto listening for IKE/NAT-T on udp 4500 [OK]
Klips (protostack=klips) has:
Pluto listening for IKE on udp 500 [FAILED]
Pluto listening for IKE/NAT-T on udp 4500 [DISABLED]
is it correct?
Antonio
-----Messaggio originale-----
Da: Antonio Scattolini [mailto:antonio.scattolini at atpesercizio.it]
Inviato: lunedi 16 marzo 2015 22.55
A: 'Paul Wouters'
Cc: 'swan at lists.libreswan.org'
Oggetto: R: R: [Swan] Installing klips
Now, the next problem.....:
Checking that pluto is running [OK]
Pluto listening for IKE on udp 500 [FAILED]
Pluto listening for IKE/NAT-T on udp 4500 [DISABLED]
...and ipsec barf:
listening for IKE messages
no public interfaces found
What does it mean? What can I check?
-----Messaggio originale-----
Da: Paul Wouters [mailto:paul at nohats.ca]
Inviato: lunedi 16 marzo 2015 17.02
A: Antonio Scattolini
Cc: swan at lists.libreswan.org
Oggetto: Re: R: [Swan] Installing klips
On Mon, 16 Mar 2015, Antonio Scattolini wrote:
> 1) previously I inserted protostack but, without indentation, service gave
> me an error; why don't eliminate the need of indentation?
Because it is used to differentiate sections
config setup
options
options
conn %default
options
options
conn foo
options
options
> 2) how to link ipsec0 to eth1 permanently (instead of eth0)? ipsec tncfg
is
> not permanent...
in config setup add: interfaces="ipsec0=eth1"
> 3) there is no more /etc/init.d/ipsec start|stop|restart... right?
Depends on your system. If you are using a distribution that uses
systemd, you can look at /lib/systemd/system/ipsec.service
Otherwise, on a system with sysvinit, there should still be an init
script for start/stop/restart.
Paul
More information about the Swan
mailing list