Fwd: Re: [Openswan Users] Cannot ping hosts behind OpenSWAN host

Jason Martin jason.martin at metrixmatrix.com
Thu Feb 23 14:18:01 CET 2006


On Thursday 23 February 2006 12:08 pm, Paul Wouters wrote:
> On Tue, 21 Feb 2006, Jason Martin wrote:
> > Linux Openswan U2.4.5rc4/K2.6.9-22.0.2.EL (netkey)
> >
> > I am using Centos 4.2 with the stock 2.6.9 kernel, are there any issues
> > with that kernel at this time?
>
> 2.6.9 is way too old and buggy when using netkey.
>

I did assume that, and I've compiled a new 2.6.15.4 kernel with the NAT-T 
patch. A strange thing though, with the patch and KLIPS, ipsec verify still 
says that KLIPS is detected, but NAT Traversal support failed.

Also, if I use netkey, I can get the windows client to reply to two pings 
after a "Negotiating IP Security" message, but then all pings afterwards time 
out.


-- 
Jason Martin
Metrix Matrix, Inc.
785 Elmgrove Road, Building 1, Rochester, NY 14624
Office: 888-865-0065 Ext. 202
Mobile: (585) 721-8679



More information about the Users mailing list