Hi Charles,
I am running a Dachstein CD 1.0.2. I got it working as a gateway. Now I am trying to
configure the ipsec module, and when I start my machine I get an error in
/var/log/daemon.log:

Jun 30 01:11:24 babylon ipsec_setup: (/etc/ipsec.conf, line 2) section header ^M has wrong number of fields (1) -- `start' aborted

I don't see any messages regarding ipsec in /var/log/messages. This is the ipsec.conf I
use:

# /etc/ipsec.conf - FreeS/WAN IPsec configuration file
# More elaborate and more varied sample configurations can be found
# in FreeS/WAN's doc/examples file, and in the HTML documentation.

# basic configuration
config setup
    # THIS SETTING MUST BE CORRECT or almost nothing will work;
    # %defaultroute is okay for most simple cases.
    interfaces=%defaultroute
    # Debug-logging controls: "none" for (almost) none, "all" for lots.
    klipsdebug=all
    plutodebug=all
    # Use auto= parameters in conn descriptions to control startup actions.
    plutoload=%search
    plutostart=%search
    # Close down old connection when new one using same ID shows up.
    uniqueids=yes

# defaults for subsequent connection descriptions
conn %default
    # How persistent to be in (re)keying negotiations (0 means very).
    type=tunnel
    keyexchange=ike
    keyingtries=0
    keylife=8h
    disablearrivalcheck=no
    # RSA authentication with keys from DNS.
    authby=rsasig
    #leftrsasigkey=%dns
    #rightrsasigkey=%dns
    pfs=yes

# connection description for (experimental!) opportunistic encryption
# (requires KEY record in your DNS reverse map; see doc/opportunism.howto)
#conn me-to-anyone
# left=%defaultroute
# right=%opportunistic
# uncomment to enable incoming; change to auto=route for outgoing
#auto=add
#
conn roadwarrior
    left=%any
    leftrsasigkey=0x0....
    auto=start
#
conn mer-amh
    # Left security gateway, subnet behind it, next hop toward right.
    left= 24.72.35.147
    leftsubnet=10.7.0.0/24
    #leftsubnet=192.168.3.0/24
    leftnexthop=24.72.35.1
    leftfirewall=yes
    # Right security gateway, subnet behind it, next hop toward left.
    right=24.72.35.91
    rightsubnet=192.168.1.0/24
    rightnexthop=24.72.35.1
    rightfirewall=yes
    # Authorize this connection, but don't actually start it, at startup.
    auto=add
    # To use RSA authentication (not legal in US until 20 Sept 2000),
    # uncomment this next line.
    authby=rsasig
    leftrsasigkey=0x0......
    rightrsasigkey=0s......

# sample VPN connection
#conn sample
# Left security gateway, subnet behind it, next hop toward right.
# #left=10.0.0.1
# #leftsubnet=172.16.0.0/24
# #leftnexthop=10.22.33.44
# Right security gateway, subnet behind it, next hop toward left.
# #right=10.12.12.1
# #rightsubnet=192.168.0.0/24
#rightnexthop=10.101.102.103
# To authorize this connection, but not actually start it, at startup,
# uncomment this.
#auto=add

Thank you
Abjin
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
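
The ^M in the logged error is caret notation for a carriage return, the byte a file saved with DOS (CRLF) line endings carries at the end of every line. As an added example that is not part of the original message, the script below reports such lines in an ipsec.conf and writes a cleaned copy; it assumes a simplified FreeS/WAN layout (two-field section headers in column one, indented parameter lines), and the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): lint an ipsec.conf for
# carriage returns and for column-one lines that are not "type name".
# Assumption: simplified FreeS/WAN layout, where section headers start in
# column one with two fields and parameter lines are indented.

# Print one finding per line; exit status 1 if anything was found.
lint_ipsec_conf() {
    awk '
    BEGIN { cr = sprintf("%c", 13); status = 0 }
    {
        line = $0
        if (index(line, cr)) {
            printf "%d: carriage return (logged as ^M)\n", NR
            status = 1
        }
        first = substr(line, 1, 1)
        # Blank, indented and comment lines are not section headers.
        if (line == "" || first == " " || first == "\t" || first == "#") next
        sub(/[ \t]+$/, "", line)
        n = split(line, f, /[ \t]+/)
        if (n != 2) {
            printf "%d: section header has %d field(s), expected 2\n", NR, n
            status = 1
        }
    }
    END { exit status }
    ' "$1"
}

# Write a copy of $1 to $2 with every carriage return removed.
strip_cr() {
    tr -d '\r' < "$1" > "$2"
}

# Constructed sample: four lines with DOS (CRLF) endings, line 2 is "blank".
make_sample() {
    printf '# constructed sample\r\n\r\nconfig setup\r\n\tinterfaces=%%defaultroute\r\n' > "$1"
}

dir=$(mktemp -d) || exit 1
make_sample "$dir/ipsec.conf"
lint_ipsec_conf "$dir/ipsec.conf" || echo "findings above; writing cleaned copy"
strip_cr "$dir/ipsec.conf" "$dir/ipsec.conf.unix"
lint_ipsec_conf "$dir/ipsec.conf.unix" && echo "cleaned copy passes"
rm -rf "$dir"
```

On the constructed sample, line 2 holds only a carriage return, so it is reported both for the stray byte and as a one-field section header.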