[Openswan Users] Openswan 2.4.5rc7 on 2.4.32

Stephen Jones hivemynd at hivemynd.net
Tue Apr 4 21:06:59 CEST 2006

Hi Paul and list,

I built openswan-2.4.5rc7 on a vanila 2.4.32 kernel (in the progress of 
migrating from openswan-1.x to 2.x).  The results of ipsec verify are below:

# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                 [OK]
Linux Openswan 2.4.5rc7 (klips)
Checking for IPsec support in kernel                            [OK]
KLIPS detected, checking for NAT Traversal support              [FAILED]
Checking for RSA private key (/etc/ipsec.secrets)               [OK]
Checking that pluto is running                                  [OK]
Checking for 'ip' command                                       [OK]
Checking for 'iptables' command                                 [OK]
Opportunistic Encryption Support                                [DISABLED]

Which is a marked improvement on the systems here since pluto is now 
listed as running (when it would not for all previous versions of 
2.4.5rcX).  NAT-T still appears disabled, but the patch is applied.  It 
might say disabled because the ipsec.conf on the test machine does not 
use it.  Unfortunately I can't test actual functionality at the moment 
:|  At least there appears to be progress on the building front however!

I will be be able to build openswan-2.4.5rc7 for an SMP configuration 
later tonight, will report whether or not it crashes on KLIPS load.


More information about the Users mailing list