[Openswan Users] Re-2: Upgrade question
Paul Wouters
paul at xelerance.com
Thu Dec 21 08:12:20 EST 2006
On Wed, 20 Dec 2006, Ludovic MARCILLY wrote:
> sorry to use only your email address but i can't send mail to users at openswan.org. I don't know why but it fails. I have tried to create another account width an other email address but i don't have received confirmation mail...
I noticed the problem. For now, use users at lists.openswan.org.
> So, i just want to know ont thing and perhaps you can help me. I've got a script to compile openswan and kernel width v1.0.7 of openswan.
openswan-1 is no longer supported, it is End Of Life. You should use 1.0.10
if anything, and even that has some risks.
> I have already try applying the klips patch before kernel compilation. I have some options but not for example blowfish algorithm. And when i try to run ipsec, it return errors like "ipsec_setup: /usr/libexec/ipsec/klipsdebug: Trouble opening PF_KEY family socket with error: Algorithm support not available in the kernel. Please compile in support."
> Do you have any idea about this problem?
openswan-1 cannot use all ciphers/algos. Only 3des/aes is guaranteed to work
for IKE and ESP.
Paul
More information about the Users
mailing list