[Openswan Users]
sasa
sasa at shoponweb.it
Wed Nov 30 12:22:14 CET 2005
"Paul Wouters" wrote:
> If you want nat-t working with KLIPS you need this patch. If using NETKEY
> you
> do not need it.
..my questions is derive from installation then I have doing on FC3 with
kernel 2.6.9_1.667
On this machine I have created the rpm file installation (alway for to use
openswan/klips) in this mode:
#rpm -e ipsec-tools
#rmmod af_key
#rmmod esp4
#rmmod ipcomp
#rpm -ivh kernel-2.6.12-1.1381_FC3_src.rpm
#tar zxvf /usr/src/redhat/SOURCES/openswan-2.4.4.tar.gz
#cd /usr/src/redhat/SOURCES/openswan-2.4.4/packing/redhat
# rpmbuild -bb openswan.spec --define 'buildklips 1' --define 'kversion
2.6.9-1.667'
..in this mode I have three rpm files:
openswan-2.4.4-1.i386.rpm
openswan-doc-2.4.4-1.i386.rpm
openswan-klips-2.4.4-2.6.9_1.667_1.i386.rpm
..I have installed openswan with this files and now I have:
Nov 30 11:59:46 fw1 ipsec__plutorun: Starting Pluto subsystem...
Nov 30 11:59:46 fw1 pluto[4858]: Starting Pluto (Openswan Version 2.4.4
X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEz}FFFfgr_e)
Nov 30 11:59:46 fw1 pluto[4858]: Setting NAT-Traversal port-4500 floating to
on
Nov 30 11:59:46 fw1 pluto[4858]: port floating activation criteria
nat_t=1/port_fload=1
Nov 30 11:59:46 fw1 pluto[4858]: including NAT-Traversal patch (Version
0.6c)
..therefore I can to use klips and nat-t ?? in this mode I dont'have
installed nat-t patch !
thanks again.
------
Salvatore.
More information about the Users
mailing list