I'm not a developper but the message is print when you start openswan but in 2.6.15dr2...<br><br>Somebody has told me that 2.6.14 has some parsing conf problem and 2.6.15dr2 (on developpement) is more stable... <br><br>
Regards<br><br><div class="gmail_quote">2008/7/2 David Jao <<a href="mailto:djao@dominia.org">djao@dominia.org</a>>:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi all,<br>
<br>
I managed to fix my problem by adding "protostack=netkey" to config<br>
setup. Apparently this is a new requirement of version 2.6.<br>
<br>
If any developers are reading this I would urge that they change the<br>
message printed out by openswan when it is started while running under<br>
netkey when the protostack directive is not present, as it is _not_<br>
obvious that openswan behaves differently with and without this<br>
directive included.<br>
<font color="#888888"><br>
-David<br>
</font><div><div></div><div class="Wj3C7c"><br>
David Jao wrote:<br>
> Hi,<br>
><br>
> I am using Openswan to encrypt wireless network packets on my LAN (a<br>
> rather common usage scenario, as I understand it).<br>
><br>
> I have a dhcp server on <a href="http://192.168.0.2" target="_blank">192.168.0.2</a> that doubles as a NAT gateway for<br>
> <a href="http://192.168.0.0/24" target="_blank">192.168.0.0/24</a>. The gateway runs freeswan-2.06, and my laptop on the<br>
> LAN runs openswan. I am using the following configuration to encrypt<br>
> packets traveling between the laptop and the internet:<br>
><br>
> config setup<br>
><br>
> conn gateway-laptop-net<br>
> left=<a href="http://192.168.0.2" target="_blank">192.168.0.2</a><br>
> leftid=@gateway<br>
> leftsubnet=<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
> right=%defaultroute<br>
> rightid=@laptop<br>
> auto=start<br>
> compress=no<br>
> keyingtries=1<br>
> ikelifetime=15m<br>
> keylife=15m<br>
> rekeymargin=5m<br>
> leftrsasigkey=...<br>
> rightrsasigkey=...<br>
><br>
> Previously, I ran openswan 2.4.9 on my laptop, and this configuration<br>
> worked perfectly. After upgrading to 2.6.14, the same configuration<br>
> does not work anymore unless I replace %defaultroute with my laptop's IP<br>
> address (which I do not want to do, because my laptop uses dhcp, and I<br>
> do not necessarily know its IP address ahead of time). I have been<br>
> informed that the problem is not a bug in openswan but rather is a<br>
> problem with my configuration.<br>
><br>
> Does anyone have any idea how I can configure this IPsec tunnel without<br>
> having to specify my laptop's IP address ahead of time? Thanks!<br>
><br>
> -David<br>
> _______________________________________________<br>
> <a href="mailto:Users@openswan.org">Users@openswan.org</a><br>
> <a href="http://lists.openswan.org/mailman/listinfo/users" target="_blank">http://lists.openswan.org/mailman/listinfo/users</a><br>
> Building and Integrating Virtual Private Networks with Openswan:<br>
> <a href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155" target="_blank">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a><br>
<br>
_______________________________________________<br>
<a href="mailto:Users@openswan.org">Users@openswan.org</a><br>
<a href="http://lists.openswan.org/mailman/listinfo/users" target="_blank">http://lists.openswan.org/mailman/listinfo/users</a><br>
Building and Integrating Virtual Private Networks with Openswan:<br>
<a href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155" target="_blank">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a><br>
</div></div></blockquote></div><br>