thasard
asked on
Ipsec.conf syntax issue
All,
I'm somewhat new to linux and I am trying to setup a connection between a Cisco ASA at a vendor site with my linux based firewall that we have deployed. Read up on the documentation and Openswan seemed like it would be a good choice (feel free to correct me) so I pressed forward into making a config and testing it out.
Here is the config (identifying items replaced with x's)
When I attempt to start here is what I get:
[root@XXXX~]# ipsec setup start
can not load config '/etc/ipsec.conf': /etc/ipsec.conf:11: syntax error, unexpected KEYWORD, expecting $end [interfaces]
Failed to parse config setup portion of ipsec.conf
Any advice or resources I should be looking at? Thanks!
I'm somewhat new to linux and I am trying to setup a connection between a Cisco ASA at a vendor site with my linux based firewall that we have deployed. Read up on the documentation and Openswan seemed like it would be a good choice (feel free to correct me) so I pressed forward into making a config and testing it out.
Here is the config (identifying items replaced with x's)
# Manual: ipsec.conf.5
#
# Please place your own config files in /etc/ipsec.d/ ending in .conf
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
# klipsdebug=none
# plutodebug="control parsing"
# For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
#protostack=netkey
#nat_traversal=yes
#virtual_private=
#oe=off
# Enable this if you see "failed to find any available worker"
#nhelpers=0
conn XXXX # Here is the Name of the VPN connection.
type= tunnel
authby= secret
# Left XX
left= XX.XX.XXX.XX
leftsubnet= XX.X.XX.X/24
# Right XX
right= XXX.XXX.XXX.X
rightsubnet= XX.XXX.XX.X/24
# Type of cryptogrphy used on the VPN Tunnel
esp= 3des-md5-96
keyexchange= ike
pfs= no
auto= start
#You may put your configuration (.conf) file in the "/etc/ipsec.d/" and uncomment this.
#include /etc/ipsec.d/*.conf
When I attempt to start here is what I get:
[root@XXXX~]# ipsec setup start
can not load config '/etc/ipsec.conf': /etc/ipsec.conf:11: syntax error, unexpected KEYWORD, expecting $end [interfaces]
Failed to parse config setup portion of ipsec.conf
Any advice or resources I should be looking at? Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER