Problems with freeswan

Luis Mendez U. lmendez at pullman.cl
Thu Jun 3 21:04:24 CLT 2004


I don't know much about freeswan, but here I am attaching details of the
configuration I have working on FC1

uname -a
2.4.22-1.2115.nptl

[root en vpn etc]# rpmquery -a |grep freeswan
freeswan-module-2.04_2.4.22_1.2115.nptl-0
freeswan-userland-2.04_2.4.22_1.2115.nptl-0

[root en vpn etc]# cat ipsec.conf |more

version 2.0     # conforms to second version of ipsec.conf specification

# basic configuration
config setup
        forwardcontrol=yes
        interfaces="ipsec0=eth0"
        uniqueids=yes


conn %default
        auto=start
        keyingtries=0
        disablearrivalcheck=no
        authby=secret
        keylife=28800s

conn  chuchunco
        left=ip-publica-linux-casa-central
        leftsubnet=192.168.10.0/24      # LAN network of the head-office Linux box
        leftnexthop=router-ip-publica-casa-central
        right=ip-publica-linux-chuchunco
        rightsubnet=10.8.64.0/24        # LAN network at chuchunco
        rightnexthop=x.x.x.x            # public IP of the chuchunco router

conn packetdefault
        auto=add

conn block
        auto=ignore

conn private
        auto=ignore

conn private-or-clear
        auto=ignore

conn clear-or-private
        auto=ignore

conn clear
        auto=ignore

[root en vpn2 etc]# cat ipsec.secrets
ip-publica-linux-sucursal    ip-publica-linux-central:  PSK "clave ultrasecreta"

That is the most basic setup I have working; there is also another, trickier
one that uses public and private keys.

Once it works for you, verify with
/usr/local/sbin/ipsec look

and ifconfig should show you the ipsec0 interface.




----- Original Message -----
From: Ricardo Gutiérrez J. <rgutierrez at cousinomacul.cl>
To: <linux at listas.inf.utfsm.cl>
Sent: Thursday, June 03, 2004 3:42 PM
Subject: Problems with freeswan


> I am trying to connect 2 networks via freeswan, but it gives me the following
> error when I bring up the two servers
>
> ipsec__plutorun: ipsec_auto: fatal error in "packetdefault": %defaultroute requested but not known
> ipsec__plutorun: ipsec_auto: fatal error in "block": %defaultroute requested but not known
> ipsec__plutorun: ipsec_auto: fatal error in "clear-or-private": %defaultroute requested but not known
> ipsec__plutorun: ipsec_auto: fatal error in "clear": %defaultroute requested but not known
> ipsec__plutorun: ipsec_auto: fatal error in "private-or-clear": %defaultroute requested but not known
> ipsec__plutorun: ipsec_auto: fatal error in "private": %defaultroute requested but not known
> ipsec__plutorun: 021 no connection named "packetdefault"
> ipsec__plutorun: ...could not route conn "packetdefault"
> ipsec__plutorun: 021 no connection named "block"
> ipsec__plutorun: ...could not route conn "block"
> ipsec__plutorun: 021 no connection named "clear-or-private"
> ipsec__plutorun: ...could not route conn "clear-or-private"
> ipsec__plutorun: 021 no connection named "clear"
> ipsec__plutorun: ...could not route conn "clear"
> ipsec__plutorun: 021 no connection named "private-or-clear"
> ipsec__plutorun: ...could not route conn "private-or-clear"
> ipsec__plutorun: 021 no connection named "private"
> ipsec__plutorun: ...could not route conn "private"
>
> I am implementing it on some Fedora Core 1 machines with all the updates (kernel
> 2.4.22-1.2174.nptl) and the freeswan version is 2.06
>
> Thanks for your comments
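
The six conn names in the quoted error log are the same ones the reply's ipsec.conf declares explicitly after its tunnel definition. As an added example (not part of the original posts and not FreeS/WAN code), this Python sketch parses an ipsec.conf and reports the effective auto= value for each of those conns, taking conn %default into account; the function names and the sample file are constructed for illustration.

```python
import re

# Conn names taken from the error log quoted in this thread.
OE_CONNS = ["packetdefault", "block", "private",
            "private-or-clear", "clear-or-private", "clear"]

# Constructed sample, laid out like the ipsec.conf in the reply.
SAMPLE = """\
version 2.0     # constructed sample
config setup
        interfaces="ipsec0=eth0"

conn %default
        auto=start      # inherited by any conn that sets no auto= itself
        authby=secret

conn packetdefault
        auto=add

conn block
        auto=ignore
"""

def parse_conns(text):
    """Return {conn_name: {key: value}}; also= includes are not followed."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).rstrip()  # drop comments
        if not line:
            continue
        if not line[0].isspace():  # a section header starts in column 0
            parts = line.split()
            is_conn = len(parts) == 2 and parts[0] == "conn"
            current = conns.setdefault(parts[1], {}) if is_conn else None
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return conns

def oe_conn_report(text):
    """Effective auto= per conn in OE_CONNS; None if the conn is not declared."""
    conns = parse_conns(text)
    default_auto = conns.get("%default", {}).get("auto")
    return {name: conns[name].get("auto", default_auto) if name in conns else None
            for name in OE_CONNS}

if __name__ == "__main__":
    for name, auto in oe_conn_report(SAMPLE).items():
        print(f"{name:18} {'not declared' if auto is None else 'auto=' + auto}")
```

Pointing `oe_conn_report` at the text of a real /etc/ipsec.conf shows at a glance which of the conns named in the log are declared in the file and how each one is set to load.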


