[Openswan Users] No ipsec0 device, and insmod error

Matt Harrell matt at mattharrell.net
Fri Jun 4 15:15:31 CEST 2004


I sent e-mail before about problems I'm having with the ipsec 
implementation in FC2 (kernel 2.6).  As I said earlier, I'm using 
OpenSWAN now, and having some luck.  However, I can only get one tunnel 
(i.e., one subnet on the dst side) to come up.  Even if I just work with 
that tunnel, though, I don't have full functionality.  Pings to my work 
PC get there, but I can't, for instance, Terminal Service anything at 
the work subnet.  Also, DNS to the internal interface of the work 
firewall does not work (it used to under FreeSWAN 2.06, and this is 
generally how it's done in our remote user tunnels).  When I check 
tcpdump on the firewall, I see the ISAKMP packets arrive on the external 
firewall interface, but nothing comes out the internal interface when I 
Terminal Service.  It seems like it must be something in the work 
firewall, then, but the fact that this worked just fine under FC1 and 
FreeSWAN 2.06 have me thinking otherwise.

Also, looking at the boot messages, I noticed this:

ipsec_setup: insmod: can't read 'ipsec': No such file or directory

Another thing I've noticed, but until now assumed was just a difference 
between FreeSWAN and the 2.6 kernel implementation of ipsec, is that I 
no longer have an ipsec0 interface.  It's not listed in ifconfig as it 
used to be.  Is this normal?

-- 
Matt Harrell
matt at mattharrell.net
http://www.mattharrell.net



More information about the Users mailing list