[Openswan Users] Firewalling a vpn connection

Paul Wouters paul at xelerance.com
Fri Aug 19 21:06:14 CEST 2005


On Fri, 19 Aug 2005, Fred Strauss wrote:

>> The easiest way is to use KLIPS instead of NETKEY. KLIPS is the Openswan
>> kernel module for IPsec. You can either compile it yourself from source,
>> or grab a premade RPM from ftp.openswan.org.
>
> As far as I know I'm already using KLIPS. I'm running RedHat
> Enterprise Linux 4, kernel 2.6.9

I doubt it. check with lsmod whether you have ipsec.ko (klips) or 
af_key (netkey).

> Should that give me an ipsec or similiar network interface?

only klips will give you ipsecX interfaces.

Paul


More information about the Users mailing list