2008-01-24 08:17:07     Freeswan/uClinux using pluto and whack: ipsec0 not found

Document created by Aaronwu Employee on Aug 5, 2013
Version 1Show Document
  • View in full screen mode

2008-01-24 08:17:07     Freeswan/uClinux using pluto and whack: ipsec0 not found

Aparna Dutta (INDIA)

Message: 50093    I am trying to get the uClinux ported Freeswan to work on Analog Devices BF561.

 

Since the wrapper ipsec scripts are not available on uClinux FreeSwan, I am trying to use pluto and whack commands directly as follows:

 

$ pluto –interface ipsec0 &

 

$ whack –debug-all

 

$ whack –name westeast –id aa.bb.cc.dd –host aa.bb.cc.dd –to –id pp.q.rr.ss –host –pp.qq.rr.ss –rsasig –tunnel –esp AES-MD5-2048

 

$ whack –keyid pp.qq.rr.ss <PUBLICRSAKEYOFTHEOTHERHOST>

 

$ whack –listen

 

The first 4 commands are successful, but the last listen command gives:

 

$ No public interfaces found

 

Since this is freeswan, it must be using the KLIPS stack which requires the ipsecN interface. So I try

 

$ tncfg –attach –virtual ipsec0 –physical eth0

 

This gives $ tncfg: Socket ioctl failed on attach. –No such device. Is the virtual device valid? Is the ipsec module linked into the kernel or loaded as module?

 

The logs in /var/log/messages show:

 

Found eth0 with address aa.bb.cc.dd

 

IP interface eth0 with address aa.bb.cc.dd has no matching ipsec* interface –ignored

 

Found lo with address 0000:0000:…0001

 

IP interface lo with address 000…0001 has no matching ipsec* interface –ignored

 

This means that it is looking for an installed ipsec0 interface. How do I go about registering/installing a virtual network interface ipsec0?

 

Thanks and regards,

 

Aparna

QuoteReplyEditDelete

 

 

2008-01-24 11:25:13     Re: Freeswan/uClinux using pluto and whack: ipsec0 not found

Mike Frysinger (UNITED STATES)

Message: 50104    i dont think anyone around here has really tested ipsec, so you may have better luck asking on the ipsec mailing lists

Attachments

    Outcomes