[Openswan Users] Change to kernel 2.6 KLIPS
Sean Tan
wltan at eb.com.my
Wed May 25 18:03:20 CEST 2005
I have change to use KLIPS from NETKEY. Last time my problem of using
NETKEY is 192.168.2.2 from 192.168.1.2 and vice versa
192.168.1.2-----192.168.1.1/10.150.15.34======10.150.15.200/192.168.1.1----192.168.1.2
But now i change to use KLIPS in kernel 2.6 fedora core 2, i faced the
problem of i can't ping from 192.168.1.2 to 192.168.2.2 and versa vice
but i can see the tunnel is up. Why it happend? and what i suppose to
do?
Sean Tan
On Thu, 2005-05-19 at 16:20, Paul Wouters wrote:
> On Thu, 19 May 2005, Tan Weng Leong wrote:
>
> > When i type ipsec auto --up net i have the following :
> > 104 "net" #1: STATE_MAIN_I1: initiate
> > 003 "net" #1: received Vendor ID payload [Openswan (this version) 2.3.1
> > X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
> > 003 "net" #1: received Vendor ID payload [Dead Peer Detection]
> > 106 "net" #1: STATE_MAIN_I2: sent MI2, expecting MR2
> > 108 "net" #1: STATE_MAIN_I3: sent MI3, expecting MR3
> > 004 "net" #1: STATE_MAIN_I4: ISAKMP SA established
> > 117 "net" #2: STATE_QUICK_I1: initiate
> > 004 "net" #2: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x537d7c90
> > <0xeab7c0c4 xfrm=AES_0-HMAC_SHA1}
>
> That is good. It works!
>
> > i type ipsec look havethe following :
> > VPN Thu May 19 09:40:30 MYT 2005
> > cat: /proc/net/ipsec_spigrp: No such file or directory
> > cat: /proc/net/ipsec_eroute: No such file or directory
> > egrep: /proc/net/ipsec_tncfg: No such file or directory
> > sort: open failed: /proc/net/ipsec_spi: No such file or directory
>
> That is because you use NETKEY and not KLIPS. It's a known issue, and will
> be fixed.
>
> Paul
>
More information about the Users
mailing list