Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 03-22-2013, 01:08 PM   #1
LQ Newbie
Registered: Oct 2012
Posts: 9

Rep: Reputation: Disabled
Openswan does not connect when using sha256 (RHEL 6.2)

I am trying to connect openswan 2.6.16 on two RHEL 6.2 (kernel 2.6.32-220) virtual machines (gateway1 and gateway2) using IKEv2. It all works well and makes tunnel with ESP authentication algorithms md5 and sha1 but when I pass sha2_256 in ipsec.conf file i.e. "phase2alg=aes256-sha2_256", pluto tells me (in /var/log/secure) that it has sent I2 message and expects R2 message and then nothing further happens.

I have also checked the traffic in wireshark(on gateway1) and it happens that only three messages are exchanged between gateway1 and gateway2 i.e. gateway1---->gateway2(ike_sa_init), gateway2---->gateway1(ike_sa_init), gateway1---->gateway2(ike_auth) and then 4th message never arrives at gateway1.

I think that there happens some confusion between gateway1 and gateway2 when using sha2 family of functions because sha1 works all fine.

Has any one experienced this problem before? Any help would appreciated. Thanks.

Note: I am not using redhat's build of openswan and I dont want to because of some compulsions instead I am using openswan downloaded from openswan project page.


openswan, redhat, rhel 6, vpn

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need urgent help to connect from Openswan in CentOS to a Sonicwall router sudipdutta1978 Linux - Networking 1 11-19-2012 08:26 AM
Checking ISO with SHA256 on XP oldgot Linux - Newbie 3 10-09-2009 12:47 AM
freebsd-update problem sha256 burnticarus *BSD 3 12-18-2008 11:33 PM
CentOS 5/RHEL 5 ipsec. Is OpenSwan necessary on a 2.6.18x kernel? req_info Linux - Software 0 10-21-2008 09:43 PM
sha256 not working on Linux 64 bit system sjain Programming 1 05-28-2008 04:56 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 07:16 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration