Quote:
Im looking for isakmpd.conf, i haven't it ...
|
You are using ipsecctl, and will not use an isakmpd.conf file. You are using the "-K" option with isakmpd; your configuration is in ipsec.conf instead. You should read man pages, when you are confused.
Quote:
-K When this option is given, isakmpd does not read the policy con-
figuration file and no keynote(4) policy check is accomplished.
This option can be used when policies for flows and SA establish-
ment are arranged by other programs like ipsecctl(8) or bgpd(8).
|
The error you are seeing:
Code:
isakmpd[29133] : udp_create : no address configured for "peer defaut"
is related to your ipsec.conf. Let's review it.
If what you posted, above, is its
exact contents:
Code:
ike dynamic from any to any \
main auth hmac-sha1 enc aes group modp1024
quick auth hmac-sha1 enc aes psk 123456A
It is missing a continuation "\" on the second line, preventing the third line from being used, and should have produced an error message when ipsecctl(8) attempted to configure it. It is using dynamic keying, which is inappropriate for gateways. It is using "peer default", which appears to be a problem, also.
Let me guess... you found this configuration in a "howto" somewhere on the Internet?