[Openswan Users] Re: OpenSWAN - so dang hard to implement?!
Help!
Andreas Steffen
andreas.steffen at strongsec.net
Tue Mar 2 13:06:11 CET 2004
Paul Wouters wrote:
> On Tue, 2 Mar 2004, Axel Thimm wrote:
>
>
>>>Then Alex didn't put it in because of the conflicts with 2.6 nat code. The rpms
>>>were mostly meant for stock fedora kernels I think.
>>
>>For FC1, RH9, RH8.0 and RH7.3 stock Red Hat and ATrpms kernels (the
>>latter have XFS, lm_sensors 2.8.x, LVM 1.0.7 and some other patches).
>>
>>I packaged 2.0.0dr3 without any further patches. Check
>>http://www.openswan.org/development/roadmap.php for upcoming features
>>of future OpenSWAN releases.
>
>
> Ye, I have been scolded by Ken for misleading information :)
> I was wrong, openswan-2.0.0 has no NAT-T support. It is a bit confusing since
> when using the 2.6 kernel, the kernel support *is* there. It's just some
> userland code that needs to be put in. This is going into the 2.1 branch, that
> was started yesterday.
> If you really need nat-traversal, use openswan-1 (based on freeswan 1.9x)
As an alternative you can use either freeswan-2.04 or freeswan-2.05,
patch it with the X.509 patch and the NAT-T patch both available from
http://www.strongsec.com/freeswan/
>
> Paul
Regards
Andreas
=======================================================================
Andreas Steffen e-mail: andreas.steffen at strongsec.com
strongSec GmbH home: http://www.strongsec.com
Alter Zürichweg 20 phone: +41 1 730 80 64
CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65
==========================================[strong internet security]===
More information about the Users
mailing list