我在尝试创建ipsec连接时发现了一些奇怪的行为.我在cisco asa和我的Linux机器之间配置了ipsec,它按预期工作.但是,当我在Linux机器上重新启动网络服务或重新启动cisco端的端口时,隧道将停止工作,但隧道状态已启动:
/etc/init.d/ipsec status
/usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled
IPsec running - pluto pid: 2684
pluto pid 2684
1 tunnels up
some eroutes exist
当我尝试连接到另一端(telnet,ping,ssh)时,连接不起作用.
我的/etc/ipsec.conf看起来像这样:
# /etc/ipsec.conf - Openswan IPsec configuration file
#
# Manual: ipsec.conf.5
#
# Please place your own config files in /etc/ipsec.d/ ending in .conf
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
# klipsdebug=none
# plutodebug="control …