[Openswan Users] RHEL 4 with ipsec

Gary W. Smith gary at primeexalia.com
Mon Jul 11 16:36:12 CEST 2005


Something else to consider.

RHEL4 will kernel panic when doing netfiltering using ESP packet matches
unless the RHEL4 kernel is patched to begin with.  This causes problems
without KLIPS.  There is a patch floating around (the link is somewhere in
the openswan archive).

These should be considered before even trying KLIPS.

Hope hat also helps.

Gary


On 7/11/05 2:41 PM, "Paul Wouters" <paul at xelerance.com> wrote:

> On Tue, 12 Jul 2005, Roland Pope wrote:
> 
>> I tried using OpenSWAN 2.3.1 on kernel 2.6.9-11.EL, but I got Kernel panics
>> every time when I tried to bring up a tunnel from a Windows XP machine.
>> I don't believe all the major bugs have been fixed for RHEL 4 using KLIPS
>> yet, but perhaps 2.4.0dr2 has some of these issues sorted out?
> 
> Unfortunately, that is unlikely to be the case. The redhat kernels are far
> from standard kernels and some patches in their kernels are not working well
> together with KLIPS. We are working on it, but I wouldn't try to run KLIPS
> on a 2.6 redhat/fedora kernel at this point.
> 
> Paul



More information about the Users mailing list