Nick Howitt
2009-10-16 13:51:13 UTC
Hi,
Reading the ipsec.conf manual, it says that with NETKEY it says
interfaces=%none must be used. I've been using interfaces=%defaultroute
up to now with no problems. When I changed it to %none and restarted
ipsec, i got the following errors in /var/log/messages:
Oct 16 14:37:46 server ipsec__plutorun: 022 connection must specify host
IP address for our side
Oct 16 14:37:46 server ipsec__plutorun: 037 attempt to load incomplete
connection
Oct 16 14:37:46 server ipsec__plutorun: 022 connection must specify host
IP address for our side
Oct 16 14:37:46 server ipsec__plutorun: 037 attempt to load incomplete
connection
and in /var/log/secure:
Oct 16 14:38:49 server pluto[7423]: connection must specify host IP
address for our side
Oct 16 14:38:49 server pluto[7423]: attempt to load incomplete connection
and my tunnels failed to come up.
In my conns I use left=%defaultroute.
Am I correct in assuming the manual is incorrect and
interfaces=%defaultroute is valid with NETKEY?
Regards,
Nick
Reading the ipsec.conf manual, it says that with NETKEY it says
interfaces=%none must be used. I've been using interfaces=%defaultroute
up to now with no problems. When I changed it to %none and restarted
ipsec, i got the following errors in /var/log/messages:
Oct 16 14:37:46 server ipsec__plutorun: 022 connection must specify host
IP address for our side
Oct 16 14:37:46 server ipsec__plutorun: 037 attempt to load incomplete
connection
Oct 16 14:37:46 server ipsec__plutorun: 022 connection must specify host
IP address for our side
Oct 16 14:37:46 server ipsec__plutorun: 037 attempt to load incomplete
connection
and in /var/log/secure:
Oct 16 14:38:49 server pluto[7423]: connection must specify host IP
address for our side
Oct 16 14:38:49 server pluto[7423]: attempt to load incomplete connection
and my tunnels failed to come up.
In my conns I use left=%defaultroute.
Am I correct in assuming the manual is incorrect and
interfaces=%defaultroute is valid with NETKEY?
Regards,
Nick