<div dir="ltr">Hello World!<br><br>I'm new to openSwan, I got started with dd-wrt, but that was seeming like I was breaking new group, due to the lack of documentation (and documented sucess stories!). Finally I realized that installing to a linux distro first to verify that everything would work would be a better idea then plugging along with the router install. Plus it would give me a reference to compare the dd-wrt install to. Plus, I'm pretty sure I'm going to have to build a custom wrt image to get this all working, and that's best done in linux.<br>
<br>So here I am. I grabbed the latest debian, 4.04ra and installed to a VMware box. It's up and running great. I'm able to use apt to install openSwan. I know the IPSEC implementation in Debian with kernel 2.6 is NETKEY. But I'm not going to be able to use that on my dd-wrt box. That distro is on kernel 2.4 so I'll have to use KLIPS. <br>
<br>I'm reading "Building And Integrating Virtual Private Networks With Openswan" and there are plenty of instructions on building KLIPS from source, which I'm sure I can handle. I'm not a noob but haven't actually compiled anything under Linux in a while. Anyway, the point is that I want to know - if I compile a KLIPS module and load it up, how can I make sure that openSwan uses it instead of the NETKEY implementation? Also, since IPV6 is built in to this kernel, will I have issues using KLIPS? I know I can patch in the IPV6 support, but rememebr that this is supposed to be a reference platform the wrt box, where I will be on IPv4. To complicate matters, the intended endpoint host is an iPhone, which is also IPv4. It SHOULD be ok for my iPhone to conenct to my linux box due to backwards compatibilty of IPv6. notice the stress on "SHOULD". :) So what's my best bet?<br>
<br>I'm thinking... Custom Kernel with IPv4 and KLIPS built in. <br><br>Any advice on the feasibility of this, plus caveats or pitfalls to avaid would be GREATLY appreciated.<br><br>Thanks!<br><br>Nick<br></div>