[Openswan Users] questions from newbie (should be simple)
Paul Wouters
paul at xelerance.com
Wed Jun 16 19:07:04 CEST 2004
On Wed, 16 Jun 2004, Xiaoming Yu wrote:
> I just installed the openswan version 2.1.2 on my Fedora with kernel 2.6.5.
> First, I also downloaded the two patches listed on the web site, one for
> kernel, one for NAT-T. I really need the nat-t one.
You do not need the nat-t patch for 2.6 kernels. It is only for 2.4 kernels.
> Jun 16 10:37:16 vpn pluto[4666]: including NAT-Traversal patch (Version
> 0.6c) [disabled]
add nat_traversal=yes to your configuration file.
> Second question. When I did ipsec verify, I saw this. I assume the two
> missing is ok, meaning I cannot do opportunitic encryption. How about the
> N/A? Is it OK too?
N/A means "Not Applicable". In this case, you did not have any NAT or MASQ
rules, so there was no need to check whether there was a tunnel configured
that would get mangled by NAT/MASQ.
Paul
--
<Reverend> IRC is just multiplayer notepad.
More information about the Users
mailing list