[Openswan Users]

Paul Wouters paul at xelerance.com
Tue Feb 1 00:33:19 CET 2005


On Mon, 31 Jan 2005, David T-G wrote:

> I'm doing contract work for a client and need to access their site from
> my office.  If I had Windows I could use their NeoTeris gateway, painful
> though it is, and at least get in.  Instead I have the Cisco vpnclient
> software (--version == "Cisco Systems VPN Client Version 4.6.00 (0045)")
> on my SuSE 9.0Pro 2.4.21 Linux system.

Ah good first step would be to run this on a windows machine first, so you
know for sure the information is correct, and what user/pass/challange you
need to input.

>  Username [(null)]: Segmentation fault

Perhaps gdb or strace might tell you which library is 'the problem' and perhaps
downgrade or upgrade that library, or..

> IF, indeed, I have a proper understanding of the openswan client, what
> must I do to convert a Cisco profile and to get it built (or is a SuSE
> RPM available?) and installed my machine?

See contrib/cisco/ for a perl script that converts your cisco profile to
an openswan connection. Suse has rpms, but you can also find them on:
ftp://ftp.openswan.org/openswan/binaries/suse/9
Warning: the suse 2.4 kernel (AFAIK) has not applied the natt-patch to
allow IPsec NAT-Traversal. If your linux machine has a real public ip,
this is not an issue, but if you're behind nat, then it is, and you
will have to patch that kernel. You will also need to build the klips
kernel module, though if you rebuild the source rpm, it should build
the openswan-klips package.
I would first try to get it to work on public ip, then try from behind nat.

Paul
-- 

"At best it is a theory, at worst a fantasy" -- Michael Crichton



More information about the Users mailing list