[Openswan Users] Questions from a beginner ;)

[Paul Wouters]

On Fri, 20 Aug 2004, Thomas Henneberger wrote:

> I decided to give this a try on a 9.1 Suse with a 2.6.5 Kernel, and it 
> didn t work (ipsec verify returned no ipsec in kernel activated). I 
> talked to a friend of mine (who knows a lot more about Linux then me) 
> and he told me to use Debain instead.

I would not base the decision of distribution based on Openswan. Pick what
you know best, or what feels the easier distribution for you. Then add
Openswan if it is not already included.

There should be Openswan packages for Suse 9.1 soon. We just installed
a machine so we can build binaries for people soon. Meanwhile, you
can try and download the source, untar it and run:

rpmbuild -ba openswan-2.1.6/packaging/redhat/openswan26.spec

This should (untested) work and give you the proper binary rpm which you
can install.

Binary RPMS for Fedora Core 3 (should work on FC2 as well) and RedHat 9
(might work on Fedora Core 1) will make it to the ftp server today as well.

Debian includes Openswan as well. Just "apt-get install openswan".

As for kernels. If you want a rock solid solution, I would go for a 2.4 kernel
with KLIPS (the openswan ipsec stack). There just isn't as much field 
experience with 2.6 yet and it is still very much a moving target. But
again, don't let your choice of kernel depend on Openswan; it is better
to stick to your distribution's own kernel if you are unfamiliar with
rolling your own kernels.

So:
 
> So, my questions:
> What distribution and kernel should I use?

That which you are most familiar with already.

Paul