2008-01-24 08:17:07 Freeswan/uClinux using pluto and whack: ipsec0 not found
Aparna Dutta (INDIA)
Message: 50093 I am trying to get the uClinux ported Freeswan to work on Analog Devices BF561.
Since the wrapper ipsec scripts are not available on uClinux FreeSwan, I am trying to use pluto and whack commands directly as follows:
$ pluto –interface ipsec0 &
$ whack –debug-all
$ whack –name westeast –id aa.bb.cc.dd –host aa.bb.cc.dd –to –id pp.q.rr.ss –host –pp.qq.rr.ss –rsasig –tunnel –esp AES-MD5-2048
$ whack –keyid pp.qq.rr.ss <PUBLICRSAKEYOFTHEOTHERHOST>
$ whack –listen
The first 4 commands are successful, but the last listen command gives:
$ No public interfaces found
Since this is freeswan, it must be using the KLIPS stack which requires the ipsecN interface. So I try
$ tncfg –attach –virtual ipsec0 –physical eth0
This gives $ tncfg: Socket ioctl failed on attach. –No such device. Is the virtual device valid? Is the ipsec module linked into the kernel or loaded as module?
The logs in /var/log/messages show:
Found eth0 with address aa.bb.cc.dd
IP interface eth0 with address aa.bb.cc.dd has no matching ipsec* interface –ignored
Found lo with address 0000:0000:…0001
IP interface lo with address 000…0001 has no matching ipsec* interface –ignored
This means that it is looking for an installed ipsec0 interface. How do I go about registering/installing a virtual network interface ipsec0?
Thanks and regards,
Aparna
QuoteReplyEditDelete
2008-01-24 11:25:13 Re: Freeswan/uClinux using pluto and whack: ipsec0 not found
Mike Frysinger (UNITED STATES)
Message: 50104 i dont think anyone around here has really tested ipsec, so you may have better luck asking on the ipsec mailing lists