[Openswan dev] ESP Null (RFC 2410)

Paul Wouters paul at xelerance.com
Tue Oct 2 10:04:52 EDT 2007

On Mon, 1 Oct 2007, Kabir Ahsan-r9aahw wrote:

> Does Openswan support ESP Null? I am interested in running ESP protocol with only authentication and no confidentiality. I thought running ESP Null would give me that. But it seems to me that ESP null is not supported by the Openswan kernel. In other words, in my ipsec.conf file I put 'esp=null-sha1" and then when I execute the ipsec.conf file I get warning mentioning that the protocol/algorithm is not supported.
> Any idea as to how I can get ESP Null working? Is there any patch?
> I am working off of Michael's git repository and I cloned the 'ocf' branch.

Openswan 2.4.7 reintroduced ESP_NULL. I am not sure if this has been
ported to the 2.5.x or ocf series yet.

Building and integrating Virtual Private Networks with Openswan:

More information about the Dev mailing list