IPSEC support before and after using an L2TP VPN connection
I did a Restart, then:
~# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.28/K(no kernel code presently loaded)
Checking for IPsec support in kernel [FAILED]
Checking that pluto is running [FAILED]
whack: Pluto is not running (no "/var/run/
Two or more interfaces found, checking IP forwarding [FAILED]
whack: Pluto is not running (no "/var/run/
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
So it seems IPSec support failed.
Then I start one of my VPN connection (I couldn't successfully set it up yet, so it fails with 'Maximum retries exceeded for tunnel")
Then I run 'ipsec verify' again:
~# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.28/
Checking for IPsec support in kernel [OK]
NETKEY detected, testing for disabled ICMP send_redirects [OK]
NETKEY detected, testing for disabled ICMP accept_redirects [OK]
Checking that pluto is running [OK]
Pluto listening for IKE on udp 500 [OK]
Pluto listening for NAT-T on udp 4500 [OK]
Two or more interfaces found, checking IP forwarding [FAILED]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
So IPsec support in kernel is now OK.
I'm not a kernel guru, but shouldn't be it supported immediately after reboot? It looks like running L2TP VPN connection sets something, which makes 'ipsec' notice that kernel supports IPsec.
Question information
- Language:
- English Edit question
- Status:
- Solved
- Assignee:
- No assignee Edit question
- Solved by:
- Werner Jaeger
- Solved:
- Last query:
- Last reply: