OpenSwan missing verification
I am trying to install OpenSwan VPN but get the following [FAILED] errors.
I also changed the redirects but it still reports them as failed?
Quote:
[root@localhost /]# /sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0
net.ipv4.conf.all.accept_redirects = 0
[root@localhost /]# /sbin/sysctl -w net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.all.send_redirects = 0
[root@localhost /]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.21/K2.6.18-92.el5 (netkey)
Checking for IPsec support in kernel [OK]
NETKEY detected, testing for disabled ICMP send_redirects [FAILED]
Please disable /proc/sys/net/ipv4/conf/*/send_redirects
or NETKEY will cause the sending of bogus ICMP redirects!
NETKEY detected, testing for disabled ICMP accept_redirects [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption DNS checks:
Looking for TXT in forward dns zone: server88-xxx-xxx-198.live-servers.net [ MISSING]
Does the machine have at least one non-private address? [OK]
Looking for TXT in reverse dns zone: 198.xxx.xxx.88.in-addr.arpa. [MISSING ]
Looking for TXT in reverse dns zone: 199.xxx.xxx.88.in-addr.arpa. [MISSING ]
[root@localhost /]#
|
Last edited by qwertyjjj; 01-05-2010 at 04:38 PM.
|