IPSec VPN tunnel errors, replaced 1.2 with 2.0 …can't get tunnel up



  • Was running 1.2 for over a year at home, had a full time IPSec tunnel between it and my office, a Linksys/Cisco RV082 at the office.  Was running great, always up.

    With 2.0…did same settings (I believe)..but cannot get the tunnel up.  In services I cannot get the Racoon service to start.

    IPSec log snippet below....can anyone point me in a direction to correct this?

    "Mar 19 15:00:58 racoon: INFO: @(#)ipsec-tools 0.7.1 (http://ipsec-tools.sourceforge.net)
    Mar 19 15:00:58 racoon: INFO: @(#)This product linked OpenSSL 0.9.8e 23 Feb 2007 (http://www.openssl.org/)
    Mar 19 15:00:58 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
    Mar 19 15:00:58 racoon: INFO: Resize address pool from 0 to 255
    Mar 19 15:00:58 racoon: ERROR: /var/etc/racoon.conf:21: "d" syntax error
    Mar 19 15:00:58 racoon: ERROR: fatal parse failure (1 errors)"



  • I'd start with a fresh clean install and NOT restore your settings from a config backup, redo them by hand and save a new backup of your config when done.

    I have two ipsec tunnels working fine on 2.0 for some time. One to a Cisco PIX and another to pfSense 1.2.3. As of 2.0-ALPHA-ALPHA built on Wed Mar 18 22:23:06 EDT 2009 my IPSEC tunnels are up and working.

    I do have some trouble with NAT redirect in this build however. And also log display.



  • Thanks for the reply.
    I built it from scratch, no import of config from prior version.
    I updated to the latest….still no luck, although I now have the failure to display the log that you mentioned.  ???

    I'll try a fresh rebuild from scratch again this weekend.



  • Did you try and check the prefer older IPsec in the advanced tab?



  • @Accounts:

    Did you try and check the prefer older IPsec in the advanced tab?

    I did not…I just went and looked for it..found it...put a check in it, save, went to services...tried to start Racoon, it still remains in a "stopped" status.

    Did not find time to rebuild over this past weekend.



  • It would help if you provided a piece of the broken racoon.conf configuration file so we can see what causes the parse error.



  • @databeestje:

    It would help if you provided a piece of the broken racoon.conf configuration file so we can see what causes the parse error.

    Thanks for posting, as requested:
    Apr 6 01:17:33 racoon: INFO: @(#)ipsec-tools 0.7.1 (http://ipsec-tools.sourceforge.net)
    Apr 6 01:17:33 racoon: INFO: @(#)This product linked OpenSSL 0.9.8e 23 Feb 2007 (http://www.openssl.org/)
    Apr 6 01:17:33 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
    Apr 6 01:17:33 racoon: INFO: Resize address pool from 0 to 255
    Apr 6 01:17:33 racoon: ERROR: /var/etc/racoon.conf:19: "d" syntax error
    Apr 6 01:17:33 racoon: ERROR: fatal parse failure (1 errors)
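
One way to turn the `racoon.conf:<line>: "<token>" syntax error` log entry into the config excerpt requested above, with IPv4 addresses masked before sharing. This is an added example, not part of the original thread; the function names and the sample log and configuration are constructed for illustration and are not the poster's files.

```python
import re

# racoon reports config parse errors as:  <path>:<line>: "<token>" syntax error
PARSE_ERR = re.compile(
    r'racoon: ERROR: (?P<path>/[^:\s]+):(?P<line>\d+): "(?P<token>[^"]*)" syntax error'
)
IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

# Constructed sample data in the thread's log format; not the poster's log or config.
SAMPLE_LOG = '''\
Apr 6 01:17:33 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Apr 6 01:17:33 racoon: ERROR: /var/etc/racoon.conf:5: "d" syntax error
Apr 6 01:17:33 racoon: ERROR: fatal parse failure (1 errors)
'''
SAMPLE_CONF = '''\
path pre_shared_key "/var/etc/psk.txt";
remote 203.0.113.10 {
    exchange_mode main;
    my_identifier address 198.51.100.7;
    lifetime time d;
    proposal {
        authentication_method pre_shared_key;
    }
}
'''


def find_parse_errors(log_text):
    """Return (path, line_number, token) for each racoon parse error in the log."""
    return [(m["path"], int(m["line"]), m["token"]) for m in PARSE_ERR.finditer(log_text)]


def context(conf_text, line_no, radius=2):
    """Return numbered lines around line_no (1-based) with IPv4 addresses masked.

    Returns an empty list when line_no lies beyond the end of the file.
    """
    lines = conf_text.splitlines()
    first = max(1, line_no - radius)
    last = min(len(lines), line_no + radius)
    out = []
    for n in range(first, last + 1):
        marker = ">" if n == line_no else " "
        out.append(f"{marker}{n:4d}: {IPV4.sub('x.x.x.x', lines[n - 1])}")
    return out


if __name__ == "__main__":
    for path, line_no, token in find_parse_errors(SAMPLE_LOG):
        print(f'{path}:{line_no} near "{token}"')
        print("\n".join(context(SAMPLE_CONF, line_no)))
```

Masking covers only IPv4 literals; check the excerpt for hostnames or other identifiers before posting it.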

