up to now i've blissfully evaded ipsec. but yow now here goes. on my end i've just installed raring openswan 1:2.6.38-1. the remote site has a sonicwall NSA 240. quite likely i should be finding some shared secret or something like that in the sonicwall and configuring that in openswan somehow. i'm sure there's no point in any rant about profuse useless documentation rendering googling ineffective. so far i've added this to /etc/ipsec.conf: interfaces=%defaultroute oe=no rekey=no nhelpers=0 conn sonicwall type=tunnel auto=start authby=secret keyingtries=1 left=%defaultroute leftsubnet=192.168.0.0/24 right=209.1.2.3 rightsubnet=192.168.1.0/24 meanwhile start ipsec yields Aborted (core dumped) failed to start openswan IKE daemon - the following error occured: addconn: /build/buildd/openswan-2.6.38/lib/libipsecconf/confread.c:256: load_setup: Assertion `kw->keyword.keydef->validity & kv_config' failed. any help? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20130611/47e03021/attachment.html>