dear all, i've been running ipsec-tunnels in FC10 from 2 different computers to my ZyWall. after upgrading to FC11 these vpn-connections do not work anymore (on both clients). it seems like pluto crashes ... /var/log/messages: Jun 27 08:38:25 krebslap ipsec__plutorun: 003 "cuisine" #1: multiple transforms were set in aggressive mode. Only first one used. Jun 27 08:38:25 krebslap ipsec__plutorun: 003 "cuisine" #1: transform (5,1,2,0) ignored. Jun 27 08:38:25 krebslap ipsec__plutorun: 003 "cuisine": pluto_do_crypto: helper (-1) is exiting Jun 27 08:38:25 krebslap ipsec__plutorun: 003 "cuisine" #1: multiple transforms were set in aggressive mode. Only first one used. Jun 27 08:38:25 krebslap ipsec__plutorun: 003 "cuisine" #1: transform (5,1,2,0) ignored. Jun 27 08:38:25 krebslap ipsec__plutorun: 112 "cuisine" #1: STATE_AGGR_I1: initiate Jun 27 08:38:26 krebslap ipsec__plutorun: /usr/libexec/ipsec/_plutorun: line 232: 4665 Aborted /usr/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d --use-netkey --uniqueids --nat_traversal --virtual_private oe=off --nhelpers 0 Jun 27 08:38:26 krebslap ipsec__plutorun: !pluto failure!: exited with error status 134 (signal 6) Jun 27 08:38:26 krebslap ipsec__plutorun: restarting IPsec after pause... /var/log/secure: Jun 27 08:39:01 krebslap pluto[5693]: packet from A.B.C.D:500: OAKLEY_PRESHARED_KEY: Not Supported with NSS Jun 27 08:39:01 krebslap pluto[5693]: packet from A.B.C.D:500: ASSERTION FAILED at /builddir/build/BUILD/openswan-2.6.21/programs/pluto/crypt_dh.c:446: case 1 unexpected and Jun 27 08:39:01 krebslap pluto[5693]: packet from A.B.C.D:500: virtual_private (%priv): Jun 27 08:39:01 krebslap pluto[5693]: packet from A.B.C.D:500: - allowed 0 subnets: Jun 27 08:39:01 krebslap pluto[5693]: packet from A.B.C.D:500: - disallowed 0 subnets: Jun 27 08:39:01 krebslap pluto[5693]: packet from A.B.C.D:500: WARNING: Either virtual_private= was not specified, or there was a syntax Jun 27 08:39:01 krebslap pluto[5693]: packet from 86.59.114.162:500: error in that line. 'left/rightsubnet=%priv' will not work! /etc/ipsec.d/cuisine.conf conn cuisine type=tunnel auto=start auth=esp authby=secret pfs=yes keyingtries=0 left=192.168.0.3 leftid=backup@xxxxxxxxxx leftsubnet=192.168.0.3/32 right=A.B.C.D rightsubnet=10.0.0.0/24 rightid=A.B.C.D keyexchange=ike ike=3des-md5 aggrmode=yes keylife=8h ikelifetime=1h esp=3des-sha1 any suggestions?????? ciao H. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
