Package: openswan Version: 1:2.6.21+dfsg-2 Severity: normal
After a clean install of openswan, it fails to start; throwing this into syslog every 10 seconds or so: Jul 20 19:29:19 nacelle ipsec_setup: Restarting Openswan IPsec U2.6.21/K2.6.26-2-amd64... Jul 20 19:29:19 nacelle ipsec_setup: Using NETKEY(XFRM) stack Jul 20 19:29:19 nacelle kernel: [6914004.525186] Initializing XFRM netlink socket Jul 20 19:29:19 nacelle ipsec_setup: ...Openswan IPsec started Jul 20 19:29:19 nacelle pluto: adjusting ipsec.d to /etc/ipsec.d Jul 20 19:29:19 nacelle ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d Jul 20 19:29:19 nacelle racoon: INFO: unsupported PF_KEY message REGISTER Jul 20 19:29:19 nacelle last message repeated 2 times Jul 20 19:29:19 nacelle ipsec__plutorun: 003 FATAL ERROR: bind() failed in find_raw_ifaces4(). Errno 98: Address already in use Jul 20 19:29:19 nacelle ipsec__plutorun: !pluto failure!: exited with error status 1 Jul 20 19:29:19 nacelle ipsec__plutorun: restarting IPsec after pause... Jul 20 19:29:29 nacelle ipsec_setup: Stopping Openswan IPsec... Jul 20 19:29:30 nacelle ipsec_setup: ERROR: Module af_key is in use Jul 20 19:29:30 nacelle ipsec_setup: ...Openswan IPsec stopped By reading this page http://www.linuxquestions.org/questions/linux-networking-3/need-vpn-server-on-fc2-to-host-winxp-remote-clients-391972/ I determined that modprobe ip_gre is required. Having done that, it now starts successfully. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages openswan depends on: ii bind9-host [hos 1:9.5.1.dfsg.P2-1+lenny1 Version of 'host' bundled with BIN ii bsdmainutils 6.1.10 collection of more utilities from ii debconf [debcon 1.5.27 Debian configuration management sy ii debianutils 3.2 Miscellaneous utilities specific t ii iproute 20090324-1 networking and traffic control too ii ipsec-tools 1:0.7.1-1.5 IPsec tools for Linux ii libc6 2.9-12 GNU C Library: Shared libraries ii libcurl3 7.19.5-1 Multi-protocol file transfer libra ii libgmp3c2 2:4.2.4+dfsg-8.1 Multiprecision arithmetic library ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries ii libpam0g 1.0.1-9 Pluggable Authentication Modules l ii openssl 0.9.8k-3 Secure Socket Layer (SSL) binary a openswan recommends no packages. Versions of packages openswan suggests: ii curl 7.19.5-1 Get a file from an HTTP, HTTPS or pn openswan-modules-source | lin <none> (no description available) -- debconf information excluded -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
