panos at kamaradata.com
Mon Feb 28 10:19:19 CET 2005
To use KLIPS wouldn't we have to build a new kernel without the IPSEC
stuff built in.
What is NETKEY?...
From: Marcus Leech [mailto:mleech at nortel.com]
Sent: Monday, February 28, 2005 10:14 AM
To: Paul Wouters
Cc: panos; users at openswan.org
Subject: Re: [Openswan Users]
I'm using FC3 with 2.6.10-1.766 kernel. I couldn't get KLIPS to work
beyond the most superficial definition of "work". I had to revert to
NETKEY, which has its own problems--like you can only do one
cycle of connection up/down, between restarts of OpenSwan. [The EAGAIN
problem we were discussing].
Paul Wouters wrote:
> On Mon, 28 Feb 2005, panos wrote:
>> Basically I am trying to setup a simple tunnel in manual mode. This
>> worked on 2.4 kernel (RH9) and openswan-2.2.0. I am now trying the
>> config under FC3 openswan-2.3.0 and its not working.
> Manual keying is very likely broken with Openswan when using NETKEY.
> most sensible thing is not to use manual keying, but automatic keying.
> you really insist on manual keying despite the strong recommendation
> switch, try using KLIPS instead of NETKEY.
> Users mailing list
> Users at openswan.org
More information about the Users