[Openswan Users] Forward of moderated message

Paul Wouters paul at xelerance.com
Fri Apr 1 12:30:16 CEST 2005


On Fri, 1 Apr 2005 mailman-bounces at lists.openswan.org wrote:

> Hi, I'm setting a network-network VPN with Openswan. The left gateway is
> a Fedora Core 2 server with fresswan running ang working fine. The right
> server is a Red Hat Linux entrerprise 3 with Openswan. In Fedora Server
> we compilate the kernel but in the Red Hat server we don't want do it. I
> have tried to install openswan-2.3.0-1rhel.i386.rpm, I have configured
> ipsec.conf with the keys in both side, when I trying start ipsec, the
> terminal display this messages: 
> 
> lnx671 (root):/root-> service ipsec start
> ipsec_setup: Starting Openswan IPsec 2.3.0...
> ipsec_setup: modprobe: Can't locate module ipsec

that's fine, since it will use netkey.

> ipsec_setup: /sbin/insmod
> /lib/modules/2.4.21-20.ELsmp/kernel/net/key/af_key.o
> ipsec_setup: Using /lib/modules/2.4.21-20.ELsmp/kernel/net/key/af_key.o
> ipsec_setup: Symbol version prefix 'smp_'

Run 'lsmod' and see if af_key, esp4, ah4 and ipcomp loaded properly.

> ipsec_setup: modprobe: Can't locate module xfrm4_tunnel
> ipsec_setup: modprobe: Can't locate module xfrm_user

That's fine. that kernel predates the xfrm4_tunnel module, and I
think xfrm_user might be compiled inline in that kernel.

> ipsec_setup: modprobe: Can't locate module sha1
> ipsec_setup: modprobe: Can't locate module md5
> ipsec_setup: modprobe: Can't locate module des

This could be a problem. There should be the cryptoapi modules when
using netkey. I am not sure why you would not have those. Perhaps
they have a different prefix/name ?

Paul



More information about the Users mailing list