[Openswan Users] KLIPS or NETKEY on 2.6 kernels
mario.lobo at ipad.com.br
mario.lobo at ipad.com.br
Tue Apr 12 17:14:45 CEST 2005
I´ve tested the Patrick´s ipsec-hook kernel patches and they work really well with native ipsec.
I gave up trying KLIPS. It NEVER worked ! no matter wht I did.
--
//| //||
// | // ||
-//--//---|| ARIO LOBO
// // ||
---------------------------------
mario.lobo at ipad.com.br
http://www.ipad.com.br
On 13 Apr 2005 at 2:27, Paul Hampson wrote:
> On Tue, Apr 12, 2005 at 03:50:33PM +0200, Gellér Sándor wrote:
> > Hello,
>
> > I have a (maybe lame) question: why is KLIPS getting ported to linux
> > 2.6.x kernels, if openswan already supports NETKEY? I was not able to
> > find any feature comparisions between KLIPS and NETKEY, expect the
> > ipsec* interfaces. If someone can point me to the right direction, I
> > would be thankful!
>
> The first thing that comes to mind is that KLIPS and NETKEY have
> incompatible compression.
>
> The first thing I _hit_ is that KLIPS refuses to deal with devices
> which share an IP address with other devices, so I went back to
> NETKEY, and wrapped my head around ip xfrm instead of applying
> iptables to ipsec*.
>
> --
> Paul "TBBle" Hampson, on an alternate email client.
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
More information about the Users
mailing list