[Openswan Users] OpenSWAN - so dang hard to implement?! Help!
fozz at iodynamics.com
Sun Feb 29 20:16:15 CET 2004
Hi guys, I need some help. I don't need someone to hold my hand- I just
need a set of directions that make sense to follow.
I've got to build a roadwarrior-type VPN for a Windows 2000 user at home
(behind an SMC firewall appliance doing NAT) logging into an office
network. The gateway machine for the office network is a Red Hat 9 box
doing NAT for the LAN users.
Because the home user will be a very-non-technical guy, I'm thinking of
going with an L2TP/OpenSWAN setup on the gateway so the home user can use
Win2K's native VPN tools. I've already found Jacco de Leeuw's excellent
tutorials on this subject.
I realize that because the user will be NAT'd, I need the NAT traversal
stuff going on.
But I can't even get the OpenSWAN ipsec.o kernel module to build! It's very
frustrating. I'm trying to get 1.0.1 built. I'd like to just add ipsec.o to
the 2.4.20-30.9 kernel I'm running on the box, but I'm not sure exactly how
to go about that.
I've tried all kinds of stuff from doing a 'make oldconfig' and 'make dep'
on the kernel-source and then doing a 'make oldgo' from the openswan
directory. Nothing seems to work.
And this is after I tried the ATRPMs builds of OpenSWAN v2.0.0 (which didn't
support NAT-T) and freeswan+x509 RPMs (which also didn't support NAT-T).
I've been banging my head against the wall about this for about a week.
Also, if someone can tell me what I need to do, I'd be willing to build and
host RPMs for a variety of RH9 and FC1 kernels.
fozz at iodynamics.com is Doran L. Barton, president, Iodynamics LLC
Iodynamics: Linux solutions - Web development - Business connectivity
"Beware of being eaten by small children due to small parts."
-- Seen on a toy package
More information about the Users