[Openswan Users] UDP encapsulation in Suse 10 ?
Paul Wouters
paul at xelerance.com
Sun Feb 12 03:38:20 CET 2006
On Fri, 10 Feb 2006, Pjothi wrote:
> I am successful in setting up IPSec with preshared keys (both
> transport and tunnel ) using racoon between two Suse Linux 10
> machines which uses openswan and comes pre-configured.
You cannot be "using raccon which uses openswan". Both are IPsec keying
daemons and you will be using either one or the other, not both at
the same time. So I am not sure what you tried to get to work and what
worked or not.
> I would like to know if there is already UDP encapsualation capability
> integrated with Freeswan implementation on Suse Linux ( kernel release
> 2.6.13-15).
There are two different IPsec kernel stacks, KLIPS and NETKY. KLIPS
requires a kernel patch for nat-t, NETKEY does not. Racoon only works
with NETKEY. The NETKEY is part of the stock 2.6 kernel, KLIPS is not.
> Because the README files for NAT traversal says, I need to patch up
> the kernel.
Only if you want/need KLIPS. It is not needed when using racoon and
NETKEY.
Paul
More information about the Users
mailing list