debian man page for ipsec_verify

Debian Man Pages All Man Pages Latest Topics Forum Categories

Query: ipsec_verify

OS: debian

Section: 8

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

IPSEC_VERIFY(8) 						  [FIXME: manual]						   IPSEC_VERIFY(8)


NAME

       ipsec_verify - see if FreeSWAN has been installed correctly


SYNOPSIS

       ipsec verify [--host name]


DESCRIPTION

       Invoked without argument, verify examines the local system for a number of common system faults: IPsec not in path, no secrets file
       generated, pluto not running, and IPsec support not present in kernel (or IPsec module not loaded). If two or more interfaces are found, it
       performs checks relevant on an IPsec gateway: whether IP forwarding is allowed, and if so, whether MASQ or NAT rules are in play.

       In addition, verify performs checks relevant to Opportunistic Encryption. It looks in forward DNS for a TXT record for the system's
       hostname, and in reverse DNS for a TXT record for the system's IP addresses. It checks whether the system has a public IP.

       The --host option causes verify to look for a TXT record for name in forward and reverse DNS.


FILES

	   /proc/net/ipsec_eroute
	   /etc/ipsec.secrets


HISTORY

       Written for the Linux FreeS/WAN project <http://www.freeswan.org> by Michael Richardson.


BUGS

       Verify does not check for ipchains masquerading.

       Verify does not look for TXT records for Opportunistic clients behind the system.

[FIXME: source] 						    10/06/2010							   IPSEC_VERIFY(8)
Related Man Pages
ipsec_trap_count(5) - centos
ipsec_barf(8) - centos
ipsec__updown(8) - centos
ipsec_barf(8) - debian
ipsec_newhostkey(8) - debian