Hello Murali, it seems that strongSwan was already running. Did you try
ipsec restart if the connection is still not known then probably a syntax error occurred in the connection definition. Execute the command ipsec reload and check if any syntax errors are written to the log. Regards Andreas On 23.08.2011 15:00, Chakravarthy, Chintagunta Murali Mohan (HPUX-Network Security) wrote: > Hi, > > I’m a newbie to Strongswan. I’m trying to do Interoperability testing > between Strongswan IPsec implementation and HPUX –IPSec. > > I’m having some initial hiccups. > > I’m getting following error “021 no connection named "hpux"” > > I have choosen unbuntu to install strongswan I have installed following > version of strongswan > > root@XXXX:~# ipsec version > > Linux strongSwan U4.3.2/K2.6.34 > > Institute for Internet Technologies and Applications > > University of Applied Sciences Rapperswil, Switzerland > > See 'ipsec --copyright' for copyright information. > > I have following ipsec.conf file. > > root@XXXX:~# cat /etc/ipsec.conf > > # ipsec.conf - strongSwan IPsec configuration file > > > > # basic configuration > > > > config setup > > # plutodebug=all > # crlcheckinterval=600 > # strictcrlpolicy=yes > # cachecrls=yes > # nat_traversal=yes > charonstart=yes > plutostart=yes > > # Add connections here. > > > > # Sample VPN connections > > > > #conn sample-self-signed > > # left=%defaultroute > > # leftsubnet=10.1.0.0/16 > > # leftcert=selfCert.der > > # leftsendcert=never > > # right=192.168.0.2 > > # rightsubnet=10.2.0.0/16 > > # rightcert=peerCert.der > > # auto=start > > > > #conn sample-with-ca-cert > > # left=%defaultroute > > # leftsubnet=10.1.0.0/16 > > # leftcert=myCert.pem > > # right=192.168.0.2 > > # rightsubnet=10.2.0.0/16 > > # rightid="C=CH, O=Linux strongSwan CN=peer name" > > # keyexchange=ikev2 > > # auto=start > > > > conn %default > > ikelifetime=60m > > keylife=20m > > rekeymargin=3m > > keyingtries=1 > > keyexchange=ikev1 > > auth=ah > > ike=3des-sha > > esp=3des-sha1 > > > > conn hpux > > auto=add > > type=transport > > authby=secret > > left=192.168.0.2 > > leftnexthop=%defaultroute > > right=10.1.0.1 > > rightnexthop=%defaultroute > > > > include /var/lib/strongswan/ipsec.conf.inc > > > > > > > > /etc/ipsec.secrets > > > > # This file holds shared secrets or RSA private keys for inter-Pluto > > # authentication. See ipsec_pluto(8) manpage, and HTML documentation. > > > > # RSA private key for this host, authenticating it to any other host > > # which knows the public part. Suitable public keys, for ipsec.conf, DNS, > > # or configuration of other implementations, can be extracted conveniently > > # with "ipsec showhostkey". > > > > # this file is managed with debconf and will contain the automatically > created private key > > include /var/lib/strongswan/ipsec.secrets.inc > > > > %any %any: PSK "ipsec1234" > > > > > > Following this I have done ipsec start > > > > > > Starting strongSwan 4.3.2 IPsec [starter]... > > pluto is already running (/var/run/pluto.pid exists) -- skipping pluto start > > charon is already running (/var/run/charon.pid exists) -- skipping > charon start > > starter is already running (/var/run/starter.pid exists) -- no fork done > > > > and > > > > ipsec up hpux > > > > root@XXXX:~# ipsec up hpux > > 021 no connection named "hpux" > > > > > > I googled a little bit and found that I need to add auto=add in the > /etc/ipsec.conf. But it didn’t help. > > > > Can someone please help resolving this. > > > > Thanks, > > Murali ====================================================================== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
