[Openswan Users] OpenSWAN - so dang hard to implement?! Help!
Doran Barton
fozz at iodynamics.com
Mon Mar 1 11:36:13 CET 2004
Not long ago, Paul Wouters proclaimed...
>
> > Also, if someone can tell me what I need to do, I'd be willing to build and
> > host RPMs for a variety of RH9 and FC1 kernels.
>
> We are working on porting the build process for RPM's to our openswan
> infrastructure.
Good.
> Meanwhile, can you be more specific about what is going wrong?
I will provide any and all details if it will help. I'm sure you understand
that my frustration level has gotten to the point where I don't know
exactly where to start.
> Did you try and download openswan-2.0.0.tar.gz and use 'make rpm' ?
No, I didn't know about that... I gave up on trying to get 2.0.0 working
because I assumed NAT-T was not applied in 2.0.0. The reason I thought this
is because I installed the ATRPMs build of openswan 2.0.0 and when I put
"nat_traversal=yes" in ipsec.conf, I got errors:
ipsec_setup: (/etc/ipsec.conf, line 27) unknown parameter name "nat_traversal" -- `restart' aborted
I also got errors like this:
ipsec__plutorun: ipsec_auto: fatal error in "L2TP-CERT-orgWIN2KXP": (/etc/ipsec.conf, line 91) unknown parameter name "virtual_private"
I may be wrong, but this tells me the ATRPMs openswan 2.0.0 build doesn't
have the NAT-T code in it. Right?
So... is NAT-T really enabled by default (or enablable?) in openswan 2.0.0?
If I do a "make rpm" will I get RPMs that include NAT-T support? If so,
I'll have to kiss someone.
--
fozz at iodynamics.com is Doran L. Barton, president, Iodynamics LLC
Iodynamics: Linux solutions - Web development - Business connectivity
"Do not activate with wet hands."
-- A sign seen on an automatic restroom hand dryer
More information about the Users
mailing list