<html>
<head>
<style>
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
</style>
</head>
<body class='hmmessage'>
> > I have more information on the difference between connecting with<br>> > OpenSWAN 2.6.19 and 2.6.22dr2 to our Netgear FVS338.<br>> > <br>> > To recap, using certificates phase 2 connects with OpenSWAN 2.6.19 but<br>> > does not with 2.6.22dr2.<br>> > <br>> > The code change that seems to break the phase 2 portion of the connection<br>> > is in /programs/pluto/spdb_v1_struct.c. If I remove this change (/* add<br>> > IPcomp proposal if policy asks for it */), both 2.6.20 & 2.6.22dr2<br>> > complete the IPsec SA.<br>> <br>> Really? Do you have compress=yes or compress=no? Or no compress= option set?<br>> <br>> I know we allow compress even if we have compress=no. It just changes what<br>> we advertise to the other end. So this might be a case of the other end<br>> lying to use, and us then happily using compress and the other end not liking<br>> it. Can you find out what the settings on the other end are for compression?<br>> <br>> Paul<br><br>Hi Paul,<br><br>We are using the command line options, so we send over --compress (I assume this is compress=yes). If I remove the --compress flag (compress=no), then the connection establishes! I have not been able to determine if the Netgear uses compression.<br><br>What is the benefit of using compression? <br><br>marcos<br><br><br><br><br /><hr />Insert movie times and more without leaving HotmailŪ. <a href='http://windowslive.com/Tutorial/Hotmail/QuickAdd?ocid=TXT_TAGLM_WL_HM_Tutorial_QuickAdd1_052009' target='_new'>See how.</a></body>
</html>