[Openswan Users] No ipsecN in 2.6 kernel (good one)
Miguel A. Amable V.
amable at cieta.net
Tue Feb 15 21:12:53 CET 2005
I have compiled the kernel without the native ipsec support and it didn't work.
Any ideas?
Miguel Angel Amable.
Mensaje citado por "Miguel A. Amable V." <amable at cieta.net>:
> Hello everyone,
>
> I am trying to set up a vpn with one linux fc3 on the left and one sonicwall
> on
> the right in a manually keyed connection.
>
> typing in the shell for the openswan installed it shows the following:
> [root at vpn ipsec.d]# rpm -qa | grep swan
> openswan-2.3.0-2
> openswan-klips-2.3.0-2.6.9_1.724_FC3_1
> openswan-doc-2.3.0-1
>
> the kernel is kernel-2.6.9-1.667 and it has the support in ipsec compiled as
> a
> module for FC3
>
> when I type the command:
>
> [root at vpn ipsec.d]# ipsec manual --up vpntunnel
> ipsec manual: fatal error in "vpntunnel": no IPsec-enabled interfaces found
>
> it shows the above error.
>
> I know that the 2.6 kernel don't use the interface ipsecN but what if I
> disable
> the ipsec options compiled as a kernel module so the
> installed binary openswan 2.3.0 will then begin to use its own ipsec stack
> hence
> will I have then the ipsecN interface and avoid the above error?
>
> Now I am compiling the kernel without the ah and esp options and will see
> what
> happens but what if that doesn't work? would anyone give me any options?
>
> Thank You in advance.
>
> Below you can see my config file /etc/ipsec.conf:
>
> config setup
> interfaces="ipsec0=ppp0"
> klipsdebug=all
> plutodebug=all
>
> conn vpntunnel
> # left security gateway (public-network address)
> left=a.b.c.d
> # next hop to reach right
> leftnexthop=d.s.l.g
> # subnet behind left (omit if left end of the tunnel is just the
> s.g.)
> leftsubnet=172.16.3.0/24
> # right s.g., subnet behind it, and next hop to reach left
> right=e.f.g.h
> rightsubnet=172.16.4.0/24
> # (manual) SPI number
> spi=[hexnumber]
> # (manual) encryption/authentication algorithm and parameters to it
> esp=3des-md5-96
> espenckey=[secret_key]
> espauthkey=[auth_key]
>
> --
> Miguel Ángel Amable Ventura
>
>
> ----------------------------------------------------------------------
> Tecnologías de Información http://cieta.net
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
--
Lic. Miguel Ángel Amable Ventura
Consultor en Tecnologías de Información
Cel. 044 442 2815059
Tel. 2141405
----------------------------------------------------------------------
Tecnologías de Información http://cieta.net
More information about the Users
mailing list