[Openswan Users]

Marcus Leech mleech at nortel.com
Mon Feb 28 14:07:03 CET 2005

Giovani Moda - MR Informática wrote:

> Has anyone tried to build KLIPS (openswan 2.3.0) under Whitebox?
> I've been trying on Fedora Core 3 (only testing), with no success. I'm 
> downloading Whitebox's isos to give it a shot.
> What about that EAGAIN problem? Guess I missed that. Is openswan 2.3.0 
> NETKEY (also) no good on Fedora 3?
> Giovani
I found that my roadwarrior client had problems.  I have to re-start 
OpenSwan every time I take my
  roadwarrior connection down, in order to re-establish it.  Otherwise, 
applications get "EAGAIN"
  (resource temporarily unavailable) when they try to pass traffic.  A 
minor annoyance, really, since
  I'm the only user of the laptop--I can simply script things to 
re-start OpenSwan whenever I need to
  re-establish my roadwarrior connection.  But it's unsettling, and to 
me hints at deeper problems
  that may yet manifest themselves.

I couldn't get KLIPS to work at all.  First, there's a problem with the 
AES module causing a NULL pointer
  dereference in the kernel.  Patching the ipsec.conf file to avoid AES 
code, simply results in other problems--
  like the roadwarrior client locking up so tight I had to pull the 
battery out to get a restart.  Now, this is with
  2.3.1dr3, and the current CVS HEAD.  Older OpenSwan versions might be 
OK, but I need MODECFG
  support, which is why I'm using a bleeding-edge OpenSwan codebase.

More information about the Users mailing list