<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
--></style>
</head>
<body class='hmmessage'>
Dear Friend,<BR>
<BR>
I really appreciate your help on this regard. I just installed Openswan(openswan-2.6.24) without KLIPS support by using commands ( make programs , make install). Now when I execute command "service ipsec status" it shows "IPsec running - pluto pid: 10121<BR>pluto pid 10121<BR>No tunnels up". How to configure tunnels? Please refer me to some document for its configuration. I will be thankful to you if you provide me that.<BR><BR>Regards,<BR>
<BR>
Zaeem<BR><BR><BR> <BR>
<BR>> Subject: Re: [Openswan Users] Openswan isntallation<BR>> From: mhw@WittsEnd.com<BR>> To: zaeemabbas@hotmail.com<BR>> CC: mhw@WittsEnd.com; paul@xelerance.com; users@openswan.org<BR>> Date: Tue, 12 Jan 2010 08:53:16 -0500<BR>> <BR>> On Tue, 2010-01-12 at 12:23 +0000, Zaeem Sherazi wrote:<BR>> > Dear Paul,<BR>> > <BR>> > Regarding your question about KLIPS (Kernal Layer IP Security) is<BR>> > concerned I am not very much clear that it is required or not but I<BR>> > need some NAT traversal. So as per my Google search it seems that<BR>> > KLIPS is required.<BR>> <BR>> You do not need KLIPS unless, for some reason, you need/want the<BR>> ipsec[012...] interfaces. The kernels in CentOS 5 all support IPSec ala<BR>> the native netkey support and all support NAT-T. OpenSWAN runs just<BR>> fine on those kernels with the native IPSec and it's even in the yum<BR>> repositories. I've been using it that way for years.<BR>> <BR>> > You also wrote that "<The current release does not compile on 2.6.18<BR>> > based kernels (rhel/centos)>" Can you please let me know then what<BR>> > version of Openswan should I try with My centOS 5.3 (Kernel:<BR>> > 2.6.18-128)?<BR>> > <BR>> > Regards,<BR>> > <BR>> > Zaeem<BR>> <BR>> <BR>> > > Date: Mon, 11 Jan 2010 10:49:35 -0500<BR>> > > From: paul@xelerance.com<BR>> > > To: zaeemabbas@hotmail.com<BR>> > > CC: webserv@s3group.cz; users@openswan.org<BR>> > > Subject: Re: [Openswan Users] Openswan isntallation<BR>> > > <BR>> > > On Mon, 11 Jan 2010, Zaeem Sherazi wrote:<BR>> > > <BR>> > > > Thanks for your continous support. I have prepared a computer with<BR>> > centOS 5.3 and kernel (Linux localhost.localdomain<BR>> > > > 2.6.18-128.el5xen #1 SMP Wed Jan 21 11:55:02 EST 2009 i686 i686<BR>> > i386 GNU/Linux). WHen I am installig<BR>> > > > openswan-2.6.24.tar.gz I am facing again same error that I faced<BR>> > while installing it on RHEL5.<BR>> > > > <BR>> > > > [root@localhost openswan-2.6.24]# make module<BR>> > > <BR>> > > Do you really needs KLIPS?<BR>> > > <BR>> > > > /usr/src/openswan-2.6.24/modobj26/ipsec_tunnel.c: In function<BR>> > âklips_headerâ:<BR>> > > > /usr/src/openswan-2.6.24/modobj26/ipsec_tunnel.c:249: error:<BR>> > âstruct net_deviceâ has no member named âheader_opsâ<BR>> > > > /usr/src/openswan-2.6.24/modobj26/ipsec_tunnel.c: In function<BR>> > âklips_header_parseâ:<BR>> > > <BR>> > > The current release does not compile on 2.6.18 based kernels<BR>> > (rhel/centos)<BR>> > > <BR>> > > Paul<BR>> <BR>> Mike<BR>> -- <BR>> Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw@WittsEnd.com<BR>> /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/<BR>> NIC whois: MHW9 | An optimist believes we live in the best of all<BR>> PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!<BR> <br /><hr />Hotmail: Trusted email with Microsoft’s powerful SPAM protection. <a href='http://clk.atdmt.com/GBL/go/196390706/direct/01/' target='_new'>Sign up now.</a></body>
</html>