LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page OpenSwan missing verification
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 01-05-2010, 04:22 PM   #1
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,013

Rep: Reputation: 30
OpenSwan missing verification

I am trying to install OpenSwan VPN but get the following [FAILED] errors.
I also changed the redirects but it still reports them as failed?
Quote:

[root@localhost /]# /sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0
net.ipv4.conf.all.accept_redirects = 0
[root@localhost /]# /sbin/sysctl -w net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.all.send_redirects = 0
[root@localhost /]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.21/K2.6.18-92.el5 (netkey)
Checking for IPsec support in kernel [OK]
NETKEY detected, testing for disabled ICMP send_redirects [FAILED]

Please disable /proc/sys/net/ipv4/conf/*/send_redirects
or NETKEY will cause the sending of bogus ICMP redirects!

NETKEY detected, testing for disabled ICMP accept_redirects [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]

Opportunistic Encryption DNS checks:
Looking for TXT in forward dns zone: server88-xxx-xxx-198.live-servers.net [ MISSING]
Does the machine have at least one non-private address? [OK]
Looking for TXT in reverse dns zone: 198.xxx.xxx.88.in-addr.arpa. [MISSING ]
Looking for TXT in reverse dns zone: 199.xxx.xxx.88.in-addr.arpa. [MISSING ]
[root@localhost /]#
Last edited by qwertyjjj; 01-05-2010 at 04:38 PM.
 
Old 01-06-2010, 01:39 AM   #2
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,013

Original Poster
Rep: Reputation: 30
This talks about configuring the left hand side of the VPN IP Address?
I thought the whole point of VPN was that it could be connected to from ANY external computer?
http://www.linuxhomenetworking.com/w...ing_Linux_VPNs
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
openswan 2.1.1 Giovanni26 Linux - Security 5 01-07-2010 11:44 AM
Openswan Evgeny Linux - Security 4 01-07-2010 11:43 AM
Openswan Up eagle710 Linux - Networking 0 03-06-2008 01:28 PM
openswan amsri Linux - Software 1 01-13-2006 11:11 PM
openswan Circuit Monkey Linux - Newbie 1 03-22-2005 02:30 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 08:15 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration