<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Dear everyone,<br>
<br>
Paul stated that he believed all the problems you reported were
caused by the orientation issue. So far I can't see any with.
Wouldn't your problems be related by the parser.l issue I worked on
yesterday and today prematurely exiting ?<br>
<br>
To check whether the orientation issue is an actual problem for you,
set in your /etc/ipsec.conf the following item to the following
value:<br>
<br>
plutodebug=controlmore<br>
<br>
<br>
You should then read in your /var/log/secure the following sequence
when pluto is started. Especially note that the order is important.<br>
<br>
Jan 8 18:19:21 victor pluto[19103]: listening for IKE messages<br>
Jan 8 18:19:21 victor pluto[19103]: | Inspecting interface lo<br>
Jan 8 18:19:21 victor pluto[19103]: | found lo with address
127.0.0.1<br>
Jan 8 18:19:21 victor pluto[19103]: | Inspecting interface eth0<br>
Jan 8 18:19:21 victor pluto[19103]: | found eth0 with address
192.168.1.2<br>
Jan 8 18:19:21 victor pluto[19103]: <b>adding interface</b>
eth0/eth0 192.168.1.2:500<br>
Jan 8 18:19:21 victor pluto[19103]: <b>adding interface</b>
eth0/eth0 192.168.1.2:4500<br>
Jan 8 18:19:21 victor pluto[19103]: <b>adding interface</b> lo/lo
127.0.0.1:500<br>
Jan 8 18:19:21 victor pluto[19103]: <b>adding interface</b> lo/lo
127.0.0.1:4500<br>
Jan 8 18:19:21 victor pluto[19103]: <b>adding interface</b> lo/lo
::1:500<br>
Jan 8 18:19:21 victor pluto[19103]: loading secrets from
"/etc/ipsec.secrets"<br>
Jan 8 18:19:21 victor pluto[19103]: loading secrets from
"/etc/ipsec.d/ipsec.secrets"<br>
Jan 8 18:19:21 victor pluto[19103]: loaded private key for keyid:
PPK_RSA:AwEAAcc+7<br>
Jan 8 18:19:22 victor pluto[19129]: | <b>calling addconn helper
using execve</b><br>
Jan 8 18:19:22 victor pluto[19103]: | find_host_pair_conn
(check_connection_end): 192.168.1.2:500 %any:500 -> <b>hp:none</b><br>
Jan 8 18:19:22 victor pluto[19103]: added connection description
"roadwarrior-l2tp-updatedwin"<br>
Jan 8 18:19:22 victor pluto[19103]: | find_host_pair_conn
(check_connection_end): 192.168.1.2:500 %any:500 -> <b>hp:none</b><br>
Jan 8 18:19:22 victor pluto[19103]: added connection description
"roadwarrior-l2tp"<br>
Jan 8 18:19:22 victor pluto[19103]: | find_host_pair_conn
(check_connection_end): 192.168.1.2:500 %any:500 -> <b>hp:none</b><br>
Jan 8 18:19:22 victor pluto[19103]: added connection description
"macintosh-l2tp"<br>
Jan 8 18:19:22 victor pluto[19103]: | find_host_pair_conn
(check_connection_end): 192.168.1.2:500 %any:500 -> <b>hp:none</b><br>
Jan 8 18:19:22 victor pluto[19103]: added connection description
"roadwarrior"<br>
Jan 8 18:19:22 victor pluto[19103]: | <b>reaped addconn helper
child</b><br>
Jan 8 18:19:22 victor pluto[19103]: | <b>connect_to_host_pair: </b>192.168.1.2:500
0.0.0.0:500 -> <b>hp:none</b><br>
Jan 8 18:19:22 victor pluto[19103]: | find_host_pair: comparing to
192.168.1.2:500 0.0.0.0:500<br>
Jan 8 18:19:22 victor pluto[19103]: | <b>connect_to_host_pair: </b>192.168.1.2:500
0.0.0.0:500 -> <b>hp:roadwarrior</b><br>
Jan 8 18:19:22 victor pluto[19103]: | find_host_pair: comparing to
192.168.1.2:500 0.0.0.0:500<br>
Jan 8 18:19:22 victor pluto[19103]: | <b>connect_to_host_pair:</b>
192.168.1.2:500 0.0.0.0:500 -> <b>hp:macintosh-l2tp</b><br>
Jan 8 18:19:22 victor pluto[19103]: | find_host_pair: comparing to
192.168.1.2:500 0.0.0.0:500<br>
Jan 8 18:19:22 victor pluto[19103]: | <b>connect_to_host_pair</b>:
192.168.1.2:500 0.0.0.0:500 -> <b>hp:roadwarrior-l2tp</b><br>
Jan 8 18:20:21 victor pluto[19103]: | event added at head of queue<br>
Jan 8 18:21:21 victor pluto[19103]: | event added after event
EVENT_PENDING_PHASE2<br>
<br>
Then all your conns should be working provided you configured them
correctly. This is unless there are other unreported bugs within
Libreswan.<br>
<br>
Regards to everyone.<br>
<pre class="moz-signature" cols="72">--
Philippe Vouters (Fontainebleau/France)
URL: <a class="moz-txt-link-freetext" href="http://vouters.dyndns.org/">http://vouters.dyndns.org/</a>
SIP: <a class="moz-txt-link-abbreviated" href="mailto:sip:Vouters@sip.linphone.org">sip:Vouters@sip.linphone.org</a></pre>
</body>
</html>