Fwd: Re: [Openswan Users] Cannot ping hosts behind OpenSWAN host
Jason Martin
jason.martin at metrixmatrix.com
Thu Feb 23 14:18:01 CET 2006
On Thursday 23 February 2006 12:08 pm, Paul Wouters wrote:
> On Tue, 21 Feb 2006, Jason Martin wrote:
> > Linux Openswan U2.4.5rc4/K2.6.9-22.0.2.EL (netkey)
> >
> > I am using Centos 4.2 with the stock 2.6.9 kernel, are there any issues
> > with that kernel at this time?
>
> 2.6.9 is way too old and buggy when using netkey.
>
I did assume that, and I've compiled a new 2.6.15.4 kernel with the NAT-T
patch. A strange thing though, with the patch and KLIPS, ipsec verify still
says that KLIPS is detected, but NAT Traversal support failed.
Also, if I use netkey, I can get the windows client to reply to two pings
after a "Negotiating IP Security" message, but then all pings afterwards time
out.
--
Jason Martin
Metrix Matrix, Inc.
785 Elmgrove Road, Building 1, Rochester, NY 14624
Office: 888-865-0065 Ext. 202
Mobile: (585) 721-8679
More information about the Users
mailing list