[Openswan Users] SUSE 9V1 no ipsec interface
Paul Wouters
paul at xelerance.com
Mon Aug 16 00:20:20 CEST 2004
On Sun, 15 Aug 2004 trevor-os at thennion.demon.co.uk wrote:
> I have had a VPN running successfully for some months using SuperFreeswan.
>
> I am now trying out a Suse 9v1 install, as it is very eay to keep it upto
> date.
>
> It uses kernel 2.6.5, and freeswan 2.04. It has the ipsec-tools installed.
> These are all provide by Suse. From what I understand the ipsec stuff is
> built into the kernel.
> but there is no ipsec0(or x) interface at all on the Suse box - there is on
> the Gateway, so all the traffic is unencrypted - not much use!
No. Everything is encrypted. And when using the native 2.6 ipsec stack, there
are no virtual ipsecX interfaces.
You can't run tcpdump on the host to see whether or not the 2.6 ipsec stack
encryps the packets, since there are encrypted after the point where tcpdump
can read them. Use a box in the middle or the other endpoint to confirm the
crypto is still working.
Paul
More information about the Users
mailing list