mleech at nortel.com
Mon Feb 28 14:07:03 CET 2005
Giovani Moda - MR Informática wrote:
> Has anyone tried to build KLIPS (openswan 2.3.0) under Whitebox?
> I've been trying on Fedora Core 3 (only testing), with no success. I'm
> downloading Whitebox's isos to give it a shot.
> What about that EAGAIN problem? Guess I missed that. Is openswan 2.3.0
> NETKEY (also) no good on Fedora 3?
I found that my roadwarrior client had problems. I have to re-start
OpenSwan every time I take my
roadwarrior connection down, in order to re-establish it. Otherwise,
applications get "EAGAIN"
(resource temporarily unavailable) when they try to pass traffic. A
minor annoyance, really, since
I'm the only user of the laptop--I can simply script things to
re-start OpenSwan whenever I need to
re-establish my roadwarrior connection. But it's unsettling, and to
me hints at deeper problems
that may yet manifest themselves.
I couldn't get KLIPS to work at all. First, there's a problem with the
AES module causing a NULL pointer
dereference in the kernel. Patching the ipsec.conf file to avoid AES
code, simply results in other problems--
like the roadwarrior client locking up so tight I had to pull the
battery out to get a restart. Now, this is with
2.3.1dr3, and the current CVS HEAD. Older OpenSwan versions might be
OK, but I need MODECFG
support, which is why I'm using a bleeding-edge OpenSwan codebase.
More information about the Users