Can't start ipsec service even after a fresh new install 2.0-RELEASE (i386)
-
Hi,
Can somebody please let me know why, even after installing 2.0 from scratch, I can't start the racoon service? When I try to start it, it says it started, but in fact it has not. In the IPsec log I am getting this error message:
Nov 19 09:42:41 racoon: INFO: @(#)ipsec-tools 0.8.0 (http://ipsec-tools.sourceforge.net)
Nov 19 09:42:41 racoon: INFO: @(#)This product linked OpenSSL 0.9.8n 24 Mar 2010 (http://www.openssl.org/)
Nov 19 09:42:41 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Nov 19 09:42:41 racoon: DEBUG: call pfkey_send_register for AH
Nov 19 09:42:41 racoon: DEBUG: call pfkey_send_register for ESP
Nov 19 09:42:41 racoon: DEBUG: call pfkey_send_register for IPCOMP
Nov 19 09:42:41 racoon: DEBUG: reading config file /var/etc/racoon.conf
Nov 19 09:42:41 racoon: ERROR: /var/etc/racoon.conf:19: "2" syntax error
Nov 19 09:42:41 racoon: ERROR: fatal parse failure (1 errors)
Can somebody let me know how to fix it?
Thanks
-
Should be impossible to get an invalid config like that. Go to Diagnostics>Command, and execute:
cat /var/etc/racoon.conf
and paste the output (with anonymized IPs) here.
-
Same issues as stated above.
Dec 3 22:56:03 racoon: ERROR: could not read configuration file "/var/etc/racoon.conf"
Dec 3 22:56:03 racoon: ERROR: glob found no matches for path "/var/etc/racoon.conf"
Dec 3 22:56:03 racoon: DEBUG: call pfkey_send_register for IPCOMP
Dec 3 22:56:03 racoon: DEBUG: call pfkey_send_register for ESP
Dec 3 22:56:03 racoon: DEBUG: call pfkey_send_register for AH
Dec 3 22:56:03 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Dec 3 22:56:03 racoon: INFO: @(#)This product linked OpenSSL 0.9.8n 24 Mar 2010 (http://www.openssl.org/)
Dec 3 22:56:03 racoon: INFO: @(#)ipsec-tools 0.8.0 (http://ipsec-tools.sourceforge.net)
Issued the command and this was the output.
cat: /var/etc/racoon.conf: No such file or directory
-
I got this error when I had multiple identical Phase 2 entries on a single Phase 1 for dynamic-IP site-to-site VPNs. Do you have the same config?
-
Once I created an IPsec configuration entry I was able to get the service to start. I thought I needed the service started before I would be able to configure an entry, but that wasn't the case. Now I just need to figure out how to get a remote Cisco device to talk nicely with pfSense. Hopefully it's not too frustrating.
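
The two racoon startup failures logged in this thread (a parse error at a given config line, and a config file that was never generated) can be told apart mechanically. The script below is an added example, not code from any poster or from pfSense; `triage`, `context` and `Finding` are hypothetical names, and the sample log lines are copied from the posts above.

```python
import re
from typing import List, NamedTuple, Optional

# Log lines copied from the posts in this thread (one failure from each report).
SAMPLE_LOG = """\
Nov 19 09:42:41 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Nov 19 09:42:41 racoon: ERROR: /var/etc/racoon.conf:19: "2" syntax error
Nov 19 09:42:41 racoon: ERROR: fatal parse failure (1 errors)
Dec 3 22:56:03 racoon: ERROR: could not read configuration file "/var/etc/racoon.conf"
Dec 3 22:56:03 racoon: ERROR: glob found no matches for path "/var/etc/racoon.conf"
"""

PARSE_ERR = re.compile(
    r'racoon: ERROR: (?P<path>/[^:"]+):(?P<line>\d+): "(?P<token>[^"]*)" syntax error')
NO_FILE = re.compile(
    r'racoon: ERROR: glob found no matches for path "(?P<path>[^"]+)"')


class Finding(NamedTuple):      # hypothetical result type for this example
    kind: str                   # "parse_error" or "missing_config"
    path: str
    line: Optional[int] = None  # config line racoon rejected (parse_error only)
    token: Optional[str] = None # token racoon quoted in the error


def triage(log_text: str) -> List[Finding]:
    """Extract racoon startup failures from syslog text, in log order."""
    found = []
    for entry in log_text.splitlines():
        m = PARSE_ERR.search(entry)
        if m:
            found.append(Finding("parse_error", m["path"], int(m["line"]), m["token"]))
            continue
        m = NO_FILE.search(entry)
        if m:
            found.append(Finding("missing_config", m["path"]))
    return found


def context(config_text: str, line_no: int, radius: int = 2) -> List[str]:
    """Number the lines around a reported parse error, marking the bad one."""
    lines = config_text.splitlines()
    first, last = max(1, line_no - radius), min(len(lines), line_no + radius)
    return [f"{'>>' if n == line_no else '  '} {n:3d}: {lines[n - 1]}"
            for n in range(first, last + 1)]


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

For a `parse_error`, pass the output of `cat /var/etc/racoon.conf` to `context()` with the reported line number; an empty result means the file is shorter than the line the log named.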