[Openswan Users] Openswan and 2.6 kernel.

John McMonagle johnm at advocap.org
Sun Apr 25 12:42:17 CEST 2004

I'm working on building new firewalls.

Currently using freeswan with rsa keys.

Have decided to go to a 2.6 kernel.
Have managed to make a transport connection with racoon to freeswan with 
  secret keys.

Needless to say there would be a bit less pain if I stuck with freeswan 
or openswan but a few things concern me.

First the simple one, is openswan 2.1.1 working reliably with the 2.6 

Are the leftnexthop and rightnexthop still needed with 2.6 kernel?
These are not needed in racoon. A couple of firewalls have multiple inet 
connections with one of them being dynamic. It's a pain having to deal 
with routing in ipsec.conf. For that matter I may not really care what 
interface it comes in on.

I have seen some comments concerning problems with compression between 
freeswan and the 2.6 kernel ipsec. Is there a problem? In case it 
matters I want compression.


More information about the Users mailing list