Re: [leaf-user] IPSEC pluto errors
Scott A. Young wrote: Erich, thanks for the info. So then I *_do_* need to generate certificates even if I'm just using pre-shared keys? IFAIK _no_, just make sure you do not have an empty file where a cert would be searched for. The code I looked at would do that weird thing with a file of length zero. Erich --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] IPSEC pluto errors
Erich, thanks for the info. So then I *_do_* need to generate certificates even if I'm just using pre-shared keys? Scott. - Scott Young Network Integration Solutions Inc. Phone: 780-461-3371 Fax: 780-465-7270 email: [EMAIL PROTECTED] -Original Message- From: Erich Titl [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 23, 2004 6:04 AM To: Scott A. Young Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] IPSEC pluto errors Scott Scott A. Young wrote: Hi All, I'm also back on the subnet-to-subnet ipsec setup. Even with all the info on the list and archives, I'm at a loss. Both ends of connection are bering-uclibc v2.2.1 boxes w/ipsec. According to the bering userguide chapter 15, you don't need certificates if your using pre-shared keys. But, I'm getting the following errors, and I'm wondering if it's related some how. So what's up with the FATAL ERROR? It would seem without pluto, my ipsec configuration is unable to start? I can supply full details if required, but I'm hoping it's something much simpler then that. I had a look at the code, is it possible that you have an empty certificate file, possibly called cert? Else you can contact Andreas Steffen on the StrongSwan list. cheers Erich --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] CF DOM errors
I get hda: packet command error: status=0x51 { DriveReady SeekComplete Error } hda: packet command error: error=0x50 today, on a non-LEAF box I'm playing with. Curiously hda is a CD-ROM - I get it any time I try to mount /dev/hda and there's no CD inserted. For a h/d, IIRC it comes up only once, at boot up (I've seen it before on on a 100 MB ole IDE h/d. My research at the time led me to conclude to ignore it cuz it's harmless, as Matthew said.) scott; canada Roger E McClurg wrote: I have a test machine that has a CF. I can boot from the CF, and access it normally, but it gets the following errors: {DriveReady SeekComplete Error} {DriveStatus Error} I have tried a number of different CF brands, but all have the same result. Does anyone have an idea what the problem is? Best Regards, Roger McClurg [EMAIL PROTECTED] --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] dnscache inconsistent
Thanks for the info. Installed and configured dnsmasq and seems to be working well. I did had some problems getting it to respond on only one interface but it looks like it worked itself out. Thanks ALParada wrote: Hello, I'm having problems with what I think can only be dnscache. I am using uClibc 2.1.0 with Shorewall and Openvpn. Dnscache is setup to forward to my internal DNS. Openvpn is setup to use dnscache as the primary dns on the config file. Somtimes it simply doesn't resolve. I have tried it from the console and sometimes it works, sometimes it doesn't. Sometimes it will resolve a host on my internal lan then 20 seconds later tell me unknown host. It doesn't sound like it is caching anything. I have setup Ethereal on my internal DNS hoping to capture traffic between it and dnscache, but alot of traffic doesn't get logged. I am thinking it simply doesn't send the request to the forwarder. I don't have the tools installed, so no log files are generated. Is dnscache supposed to be reliable and stable or does it have issues? All I really need is a caching DNS since my internal lan already has two DNS servers. Would I be better of with another package? Any suggestions are greatly appreciated. TIA I switched to dnsmasq and found it stable. I abandoned dnscache because it periodically would fail for a few seconds but then give the correct result next attempt. I never bothered to find out why, perhaps I had it incorrectly configured. When I swtiched to dnsmasq - my problems went away. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html