[Openswan Users] OpenSWAN 2.3 and KLIPS 2.6 on RHES4
Paul Wouters
paul at xelerance.com
Wed Mar 9 11:22:29 CET 2005
On Tue, 8 Mar 2005, Randy B wrote:
> Working a bit more with Bernd, we find that I wasn't using KLIPS - I was
> using af_key. I spent yesterday getting KLIPS (2.3.1dr3) to compile and run
> on RHES 3. I spent today trying to get KLIPS running on RHES 3.0 and CentOS
> 4.0, and failed. I can get it up and running, but no matter what I do, pluto
> keeps saying that there are "no public interfaces found". Googling was no
> help - everyone was misconfigured in a different way or had two interfaces
> with the same IP.
First stop openswan.
Then make sure the af_key (netkey) module is not loaded. Unload af_key,esp4,
ah4 and ipcomp. Then modprobe klips. Then start openswan.
Be aware that depending on the version of openswan, the klips module is
unloaded at the end. This might cause a kernel failure. Also, when neither
stack is loaded, openswan prefers the netkey (af_key) stack, so the second
start would no longer use klips. The easiest is to make sure the klips module
does not get unloaded. This is true for CVS, but you might need to edit
_startklips and change the rmmod line.
Paul
More information about the Users
mailing list