Netgate Discussion Forum

    Can't start ipsec service even after a fresh new install 2.0-RELEASE (i386)

    5 Posts 4 Posters 2.3k Views
      mamon

      Hi,
      Can somebody please let me know why, even after installing 2.0 from scratch, I can't start the racoon service? When I try to start it, it says it started, but in fact it is not. Under the IPsec log I am getting this error message:

      Nov 19 09:42:41 racoon: INFO: @(#)ipsec-tools 0.8.0 (http://ipsec-tools.sourceforge.net)
      Nov 19 09:42:41 racoon: INFO: @(#)This product linked OpenSSL 0.9.8n 24 Mar 2010 (http://www.openssl.org/)
      Nov 19 09:42:41 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
      Nov 19 09:42:41 racoon: DEBUG: call pfkey_send_register for AH
      Nov 19 09:42:41 racoon: DEBUG: call pfkey_send_register for ESP
      Nov 19 09:42:41 racoon: DEBUG: call pfkey_send_register for IPCOMP
      Nov 19 09:42:41 racoon: DEBUG: reading config file /var/etc/racoon.conf
      Nov 19 09:42:41 racoon: ERROR: /var/etc/racoon.conf:19: "2" syntax error
      Nov 19 09:42:41 racoon: ERROR: fatal parse failure (1 errors)

      Can somebody let me know how to fix it?

      Thanks

        cmb

        Should be impossible to get an invalid config like that. Go to Diagnostics>Command, and execute:
        cat /var/etc/racoon.conf

        and paste the output (with anonymized IPs) here.

          mouse82

          Same issues as stated above.

          Dec 3 22:56:03 racoon: ERROR: could not read configuration file "/var/etc/racoon.conf"
          Dec 3 22:56:03 racoon: ERROR: glob found no matches for path "/var/etc/racoon.conf"
          Dec 3 22:56:03 racoon: DEBUG: call pfkey_send_register for IPCOMP
          Dec 3 22:56:03 racoon: DEBUG: call pfkey_send_register for ESP
          Dec 3 22:56:03 racoon: DEBUG: call pfkey_send_register for AH
          Dec 3 22:56:03 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
          Dec 3 22:56:03 racoon: INFO: @(#)This product linked OpenSSL 0.9.8n 24 Mar 2010 (http://www.openssl.org/)
          Dec 3 22:56:03 racoon: INFO: @(#)ipsec-tools 0.8.0 (http://ipsec-tools.sourceforge.net)

          Issued the command and this was the output:

          cat: /var/etc/racoon.conf: No such file or directory

            e__n

            I got this error when I had multiple identical Phase 2 entries on a single Phase 1 for dynamic-IP site-to-site VPNs. Do you have the same config?

              mouse82

              Once I created an IPsec configuration entry I was able to get the service to start. I thought I needed the service started before I would be able to configure an entry, but that wasn't the case. Now I just need to figure out how to get a remote Cisco device to talk nicely with pfSense. Hopefully it's not too frustrating.

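The two failures reported in this thread (a `syntax error` at a numbered config line, and `glob found no matches` when the file is absent) can be told apart from the log alone. The script below is an added example, not part of any post and not pfSense code; the function names and the sample data in `demo` are constructed, and the duplicate check assumes identical Phase 2 entries show up as identical `sainfo` headers in `racoon.conf`.

```shell
# Added example, not from the thread. demo() uses constructed sample data.

# Verdict for log file $1: missing-config | syntax-error <file> <line> | no-config-error
classify_racoon_log() {
    awk '
        /racoon: ERROR: glob found no matches for path/ { missing = 1 }
        /racoon: ERROR: .*syntax error/ && !loc {
            for (i = 1; i < NF; i++) if ($i == "ERROR:") { loc = $(i + 1); break }
            sub(/:$/, "", loc)              # "/path/file:19:" -> "/path/file:19"
            n = split(loc, part, ":"); line = part[n]
            file = substr(loc, 1, length(loc) - length(line) - 1)
        }
        END {
            if (loc)          print "syntax-error", file, line
            else if (missing) print "missing-config"
            else              print "no-config-error"
        }' "$1"
}

# List sainfo headers that occur more than once in a racoon.conf ($1).
duplicate_sainfo() {
    sed -n '/^[[:space:]]*sainfo[[:space:]]/{ s/^[[:space:]]*//; s/[[:space:]]*{.*$//; s/[[:space:]]*$//; p; }' \
        "$1" | sort | uniq -d
}

# Report what to inspect next for a racoon log file ($1).
triage() {
    verdict=$(classify_racoon_log "$1")
    case $verdict in
        missing-config) echo "config file missing: no IPsec entry defined yet?" ;;
        "syntax-error "*)
            file=${verdict#syntax-error }; line=${file##* }; file=${file% *}
            echo "parse error at $file:$line"
            [ -r "$file" ] || { echo "cannot read $file"; return 1; }
            sed -n "${line}p" "$file"       # the line racoon complained about
            duplicate_sainfo "$file" | sed 's/^/duplicate: /' ;;
        *) echo "no configuration error in log" ;;
    esac
}

demo() {    # constructed config with a repeated sainfo header, and a log citing it
    d=$(mktemp -d) || return 1
    h='sainfo address 192.168.1.0/24 any address 10.0.0.0/24 any {'
    printf '%s\n' "$h" '}' "$h" '}' > "$d/racoon.conf"
    echo "Nov 19 09:42:41 racoon: ERROR: $d/racoon.conf:3: \"2\" syntax error" > "$d/ipsec.log"
    triage "$d/ipsec.log"; rm -rf "$d"
}
demo
```

Paths containing spaces are not handled, since the log line is split on whitespace.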