IPSec VPN tunnel errors, replaced 1.2 with 2.0 …can't get tunnel up
-
Was running 1.2 for over a year at home, had a full time IPSec tunnel between it and my office, a Linksys/Cisco RV082 at the office. Was running great, always up.
With 2.0…did same settings (I believe)..but cannot get the tunnel up. In services I cannot get the Racoon service to start.
IPSec log snippet below....can anyone point me in a direction to correct this?
"Mar 19 15:00:58 racoon: INFO: @(#)ipsec-tools 0.7.1 (http://ipsec-tools.sourceforge.net)
Mar 19 15:00:58 racoon: INFO: @(#)This product linked OpenSSL 0.9.8e 23 Feb 2007 (http://www.openssl.org/)
Mar 19 15:00:58 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Mar 19 15:00:58 racoon: INFO: Resize address pool from 0 to 255
Mar 19 15:00:58 racoon: ERROR: /var/etc/racoon.conf:21: "d" syntax error
Mar 19 15:00:58 racoon: ERROR: fatal parse failure (1 errors)"
-
I'd start with a fresh clean install and NOT restore your settings from a config backup, redo them by hand and save a new backup of your config when done.
I have two IPsec tunnels working fine on 2.0 for some time. One to a Cisco PIX and another to pfSense 1.2.3. As of 2.0-ALPHA-ALPHA built on Wed Mar 18 22:23:06 EDT 2009 my IPsec tunnels are up and working.
I do have some trouble with NAT redirect in this build however. And also log display.
-
Thanks for the reply.
I built it from scratch, no import of config from prior version.
I updated to the latest… still no luck, although I now have the failure to display the log that you mentioned. I'll try a fresh rebuild from scratch again this weekend.
-
Did you try and check the prefer older IPsec in the advanced tab?
-
Did you try and check the prefer older IPsec in the advanced tab?
I did not… I just went and looked for it, found it, put a check in it, saved, went to services, tried to start Racoon; it still remains in a "stopped" status.
Did not find time to rebuild over this past weekend.
-
It would help if you provided a piece of the broken racoon.conf configuration file so we can see what causes the parse error.
-
It would help if you provided a piece of the broken racoon.conf configuration file so we can see what causes the parse error.
Thanks for posting, as requested:
Apr 6 01:17:33 racoon: INFO: @(#)ipsec-tools 0.7.1 (http://ipsec-tools.sourceforge.net)
Apr 6 01:17:33 racoon: INFO: @(#)This product linked OpenSSL 0.9.8e 23 Feb 2007 (http://www.openssl.org/)
Apr 6 01:17:33 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Apr 6 01:17:33 racoon: INFO: Resize address pool from 0 to 255
Apr 6 01:17:33 racoon: ERROR: /var/etc/racoon.conf:19: "d" syntax error
Apr 6 01:17:33 racoon: ERROR: fatal parse failure (1 errors)
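
As an added example, not part of the thread: a small POSIX sh helper that takes the `racoon.conf:<line>` reference from the parse error in the IPsec log and prints the numbered lines around it, which is the piece of the configuration file the reply above asked for. The function names and the sample racoon.conf are constructed for illustration; the sample is not the poster's file, and the thread does not show the real cause.

```shell
#!/bin/sh
# Added example: map racoon "syntax error" log entries to config lines.

# parse_errors LOG: print "<line> <path>" per parse error, de-duplicated.
parse_errors() {
    sed -n 's/^.*racoon: ERROR: \(.*\):\([0-9][0-9]*\): .*syntax error.*$/\2 \1/p' "$1" | sort -u
}

# show_context FILE LINE [RADIUS]: numbered lines around LINE, culprit marked ">>".
show_context() {
    awk -v n="$2" -v r="${3:-2}" '
        NR >= n - r && NR <= n + r {
            printf "%s %4d  %s\n", (NR == n ? ">>" : "  "), NR, $0
        }' "$1"
}

# report LOG [CONF]: CONF overrides the path named in the log, for a log
# that was copied off the firewall together with the config file.
report() {
    parse_errors "$1" | while read -r line path; do
        conf="${2:-$path}"
        if [ ! -r "$conf" ]; then
            echo "cannot read $conf" >&2
            continue
        fi
        echo "== $conf line $line =="
        show_context "$conf" "$line"
    done
}

# demo: constructed config with a stray token on line 4, plus a log line
# in the format shown in the thread pointing at it.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/racoon.conf" <<'EOF'
path pre_shared_key "/var/etc/psk.txt";
remote 203.0.113.10 {
    exchange_mode main;
    lifetime time 28800 secs d;
}
EOF
    printf 'Apr 6 01:17:33 racoon: ERROR: %s:4: "d" syntax error\n' \
        "$dir/racoon.conf" > "$dir/ipsec.log"
    report "$dir/ipsec.log"
    rm -rf "$dir"
}

if [ $# -ge 1 ]; then report "$@"; else demo; fi
```

Run with the log file as the first argument (and optionally a copy of racoon.conf as the second); with no arguments it runs the constructed demo.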