[Swan] Need support for IPSEC
Sriram Yarlagadda
sriram.yarlagadda2 at gmail.com
Fri Mar 23 23:42:22 UTC 2018
Hello Libreswan team,
How are you doing ?
I have been trying to develop a cybersecurity project for learning
purposes. My goal is to add ipsec stack to my ethernet communication
between Beagle bone board and my computer.
I have been facing following issues from the past couple of days on using
IPSEC stack. I would really appreciate your help if you can provide some
insights to me.
I downloaded the package from the following weblink
https://download.libreswan.org/libreswan-3.23.tar.gz
After downloading the file i ran the following commands to install
$sudo make all
$sudo make install
i am observing the following errors when i tried starting the IPSEC service
$sudo systemctl status ipsec.service
ipsec.service - Internet Key Exchange (IKE) Protocol Daemon for IPsec
Loaded: loaded (/lib/systemd/system/ipsec.service; enabled; vendor
preset: enabled)
Active: inactive (dead) (Result: exit-code) since Fri 2018-03-23
16:26:35 PDT; 5s ago
Docs: man:ipsec(8)
man:pluto(8)
man:ipsec.conf(5)
Process: 114278 ExecStartPre=/usr/local/libexec/ipsec/_stackmanager start
(code=exited, status=1/FAILURE)
Process: 114270 ExecStartPre=/usr/local/libexec/ipsec/addconn --config
/etc/ipsec.conf --checkconfig (code=exited, status=0/SUCCES
Main PID: 35602 (code=exited, status=127)
Mar 23 16:26:35 ubuntu systemd[1]: Failed to start Internet Key Exchange
(IKE) Protocol Daemon for IPsec.
Mar 23 16:26:35 ubuntu systemd[1]: ipsec.service: Unit entered failed state.
Mar 23 16:26:35 ubuntu systemd[1]: ipsec.service: Failed with result
'exit-code'.
Mar 23 16:26:35 ubuntu systemd[1]: ipsec.service: Service hold-off time
over, scheduling restart.
Mar 23 16:26:35 ubuntu systemd[1]: Stopped Internet Key Exchange (IKE)
Protocol Daemon for IPsec.
Mar 23 16:26:35 ubuntu systemd[1]: ipsec.service: Start request repeated
too quickly.
Mar 23 16:26:35 ubuntu systemd[1]: Failed to start Internet Key Exchange
(IKE) Protocol Daemon for IPsec.
following is the data when i ran the
$ipsec verify
Checking if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Openswan U2.6.50/K4.13.0-37-generic (netkey)
See `ipsec --copyright' for copyright information.
Checking for IPsec support in kernel [OK]
NETKEY: Testing XFRM related proc values
ICMP default/send_redirects [OK]
ICMP default/accept_redirects [OK]
XFRM larval drop [OK]
Hardware random device check [N/A]
Two or more interfaces found, checking IP forwarding [OK]
Checking rp_filter [OK]
Checking that pluto is running [FAILED]
Checking NAT and MASQUERADEing [TEST INCOMPLETE]
Checking 'ip' command [OK]
Checking 'iptables' command [OK]
ipsec verify: encountered errors
I do not see the following file available
/var/log/pluto.ctl
following are my OS details
Linux ubuntu 4.13.0-37-generic #42~16.04.1-Ubuntu SMP Wed Mar 7 16:03:28
UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
I would really appreciate your time and support if you can give some
insights on what things i can try to solve this issue.
Regrds,
Sriram
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20180323/5f0a1f79/attachment.html>
More information about the Swan
mailing list