Whe are trying to get ipsec to work on our ubuntuserver 10.10
When starting ipsec it says :
ipsec_setup: Starting Openswan IPsec 2.6.26...
ipsec_setup: No KLIPS support found while requested, desperately falling back to netkey
ipsec_setup: NETKEY support found. Use protostack=netkey in /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue with NETKEY
Whe need KLIPS because the hardware firewall on the other side is using KLIPS
The command ipsec verify gives :
# ipsec verify
/usr/local/sbin/ipsec: unknown IPsec command `verify' (`ipsec --help' for list)
# plutodebug / klipsdebug = "all", "none" or a combation from below:
# "raw crypt parsing emitting control klips pfkey natt x509 private"
# plutodebug="control parsing"
# Only enable klipsdebug=all if you are a developer
# NAT-TRAVERSAL support, see README.NAT-Traversal
# enable this if you see "failed to find any available worker"
#Disable Opportunistic Encryption
# Add connections here
# sample VPN connections, see /etc/ipsec.d/examples/
And my ipsec.customer.conf:
## Gateway-to-gateway: Customer <-> Ourselves
# Left side is Customer
# Right side is Ourselves
And a piece of my syslog:
Nov 26 11:31:10 gw002 ipsec_setup: Using KLIPS/legacy stack
Nov 26 11:31:11 gw002 ipsec_setup: No KLIPS support found while requested, desperately falling back to netkey
Nov 26 11:31:11 gw002 ipsec_setup: NETKEY support found. Use protostack=netkey in /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue with NETKEY
Nov 26 11:31:11 gw002 ipsec_setup: Using NETKEY(XFRM) stack
Nov 26 11:31:11 gw002 ipsec_setup: ...Openswan IPsec started
Nov 26 11:31:11 gw002 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Nov 26 11:31:11 gw002 pluto: adjusting ipsec.d to /etc/ipsec.d
Nov 26 11:31:11 gw002 ipsec__plutorun: 002 added connection description "customer-ourselves"
Nov 26 11:31:11 gw002 ipsec__plutorun: 104 "customer-ourselves" #1: STATE_MAIN_I1: initiate
Hope somebody can help me out on this.