VPN IPSEC CENTOOS7 <=lIbreswan=> FORTIGATE 60F (6.23)
Less than a week- Basic Level
- Expired
Less than a week
Basic Level
ExpiredProject detail
VPN IPSEC
CENTOOS7 FORTIGATE 60F (6.23)
Estou recebendo erro no ipsec, usando o libreswan
[root@semffw03 ipsec.d]# ipsec verify
Verifying installed system and configuration files
Version check and ipsec on-path [OK]
Libreswan U3.25/K(no kernel code presently loaded) on 3.10.0-1160.6.1.el7.x86_64
Checking for IPsec support in kernel [FAILED]
The ipsec service should be started before running ‘ipsec verify’
Pluto ipsec.conf syntax [PARSE ERROR]
cannot load config ‘/etc/ipsec.conf’: /etc/ipsec.d/spthe.conf:2: syntax error, unexpected KEYWORD, expecting $end [left]
Two or more interfaces found, checking IP forwarding [OK]
Checking rp_filter [OK]
Checking that pluto is running [FAILED]
Checking ‘ip’ command [OK]
Checking ‘iptables’ command [OK]
Checking ‘prelink’ command does not interfere with FIPS [OK]
Checking for obsolete ipsec.conf options [OBSOLETE KEYWORD]
cannot load config ‘/etc/ipsec.conf’: /etc/ipsec.d/spthe.conf:2: syntax error, unexpected KEYWORD, expecting $end [left]
ipsec verify: encountered 4 errors – see ‘man ipsec_verify’ for help
ipsec verify: encountered 4 errors – see ‘man ipsec_verify’ for help
[root@semffw03 ipsec.d]# ^C
[root@semffw03 ipsec.d]# service ipsec status
Redirecting to /bin/systemctl status ipsec.service
â— ipsec.service – Internet Key Exchange (IKE) Protocol Daemon for IPsec
Loaded: loaded (/usr/lib/systemd/system/ipsec.service; disabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Sáb 2020-12-19 20:40:57 -03; 34s ago
Docs: man:ipsec(8)
man:pluto(8)
man:ipsec.conf(5)
Process: 3741 ExecStopPost=/usr/sbin/ipsec –stopnflog (code=exited, status=0/SUCCESS)
Process: 3739 ExecStopPost=/sbin/ip xfrm state flush (code=exited, status=0/SUCCESS)
Process: 3736 ExecStopPost=/sbin/ip xfrm policy flush (code=exited, status=0/SUCCESS)
Process: 3735 ExecStartPre=/usr/libexec/ipsec/addconn –config /etc/ipsec.conf –checkconfig (code=exited, status=3)
Dez 19 20:40:57 semffw03 systemd[1]: Failed to start Internet Key Exchange (IKE) Protocol Daemon for IPsec.
Dez 19 20:40:57 semffw03 systemd[1]: Unit ipsec.service entered failed state.
Dez 19 20:40:57 semffw03 systemd[1]: ipsec.service failed.
Dez 19 20:40:57 semffw03 systemd[1]: ipsec.service holdoff time over, scheduling restart.
Dez 19 20:40:57 semffw03 systemd[1]: Stopped Internet Key Exchange (IKE) Protocol Daemon for IPsec.
Dez 19 20:40:57 semffw03 systemd[1]: start request repeated too quickly for ipsec.service
Dez 19 20:40:57 semffw03 systemd[1]: Failed to start Internet Key Exchange (IKE) Protocol Daemon for IPsec.
Dez 19 20:40:57 semffw03 systemd[1]: Unit ipsec.service entered failed state.
Dez 19 20:40:57 semffw03 systemd[1]: ipsec.service failed.
[root@semffw03 ipsec.d]# ^C
[root@semffw03 ipsec.d]#