Re: [Users]A big problem about configure FreeS/WAN IPV6Patch!

Wed, 06 Aug 2003 05:45:41 -0700 

Dear Gerhard

After receive you last e-mail, I make two experiments.

1. I try to establish a tunnel mode connection between the 2 hosts like this:
conn hp100-hp200
        [EMAIL PROTECTED]
        leftrsasigkey=0sAQO...
        leftsubnet=2001:250:f006:2::1/64
        [EMAIL PROTECTED]
        rightrsasigkey=0sAQO...
        right=2001:250:f006:1::451
        rightsubnet=2001:250:f006:3::1/64
        keyingtries=2
        ikelifetime=30m
        keylife=10m
        rekeymargin=30s
        rekeyfuzz=1%
        authby=rsasig
        type=tunnel
        connaddrfamily=ipv6
        auto=add
Then I start the connection of "hp100-hp200", it's still the same error.
2. I remove the IPV4 address of every NIC, delete FreeS/WAN on two hosts and make 
FreeS/WAN with IPV6 Patch again. Then I verify the FreeS/WAN:
[EMAIL PROTECTED] lorry]# ipsec verify
Checking for KLIPS support in kernel                        [OK]
Checking for RSA private key (/etc/ipsec.secrets)           [OK]
Checking that pluto is running                              [OK]
Checking if IPchains has port 500 hole (all)                accepted
[OK]
Checking if IPchains has port 500 hole (default)            accepted
[OK]
Checking if IPchains has port 500 hole (eth0)               accepted
[OK]
Checking if IPchains has port 500 hole (eth1)               accepted
[OK]
Checking if IPchains has port 500 hole (ipsec0)             accepted
[OK]
Checking if IPchains has port 500 hole (lo)                 accepted
[OK]
DNS checks.
Looking for forward key for HP100.ntl.ict.ac.cn             [OK]
Does the machine have at least one non-private address      [failed]

If I start the connection of "hp100-hp200" brutely, it will display an error.
[EMAIL PROTECTED] lorry]# ipsec auto --up hp100-hp200
022 "hp100-hp200" we have no ipsecN interface for either end of this connection

I hear that IPV6 Patch doesn't utilize the virtual IPSEC interface like in IPv4. But 
how to explain the phenomena?

I feel too upset to continue. Can you tell me which version of Suse linux you use and 
your recommend configuration of kenerl, network, route and FreeS/WAN. Can you find 
something wrong with my configuration from my last mail? Please help me. Thanks in 
advance.

Lorry
 






_______________________________________________
FreeS/WAN Users mailing list
[EMAIL PROTECTED]
https://mj2.freeswan.org/cgi-bin/mj_wwwusr

Reply via email to