[Openswan Users] Re: OpenSWAN - so dang hard to implement?! Help!
Axel Thimm
Axel.Thimm at physik.fu-berlin.de
Tue Mar 2 02:58:22 CET 2004
On Mon, Mar 01, 2004 at 08:02:33PM +0100, Paul Wouters wrote:
> On Mon, 1 Mar 2004, Doran Barton wrote:
>
> > > Did you try and download openswan-2.0.0.tar.gz and use 'make rpm' ?
> >
> > No, I didn't know about that... I gave up on trying to get 2.0.0 working
> > because I assumed NAT-T was not applied in 2.0.0.
>
> It is.
>
> > The reason I thought this
> > is because I installed the ATRPMs build of openswan 2.0.0 and when I put
> > "nat_traversal=yes" in ipsec.conf, I got errors:
>
> Then Alex didn't put it in because of the conflicts with 2.6 nat code. The rpms
> were mostly meant for stock fedora kernels I think.
For FC1, RH9, RH8.0 and RH7.3 stock Red Hat and ATrpms kernels (the
latter have XFS, lm_sensors 2.8.x, LVM 1.0.7 and some other patches).
I packaged 2.0.0dr3 without any further patches. Check
http://www.openswan.org/development/roadmap.php for upcoming features
of future OpenSWAN releases.
> > I may be wrong, but this tells me the ATRPMs openswan 2.0.0 build doesn't
> > have the NAT-T code in it. Right?
>
> Aye.
>
> > So... is NAT-T really enabled by default (or enablable?) in openswan 2.0.0?
>
> Yes
>
> > If I do a "make rpm" will I get RPMs that include NAT-T support? If so,
>
> Yes
>
> > I'll have to kiss someone.
>
> Finding the appropriate target is left as an exercise to the reader.
>
> Paul
--
Axel.Thimm at physik.fu-berlin.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20040302/03534b2a/attachment.bin
More information about the Users
mailing list