[Openswan Users] Fedora Core 5 & OpenSwan - No Compression
Phillip T. George
phillip at eacsi.com
Wed Jul 19 18:54:57 CEST 2006
Hello all,
I seem to be having a problem using OpenSwan with Fedora Core 5. The
tunnel establishes just fine, but it seems that whenever compression is
enabled, information cannot travel across the tunnel. Oddly enough, it
will travel one way -- from the Fedora Core 5 machine to a known-to-work
Fedora Core 3 machine. If "compress=no" is set on both ipsec.conf
files, then it works just fine. I had this problem with Fedora Core 4
and the eventual fix was to use "openswan-2.3.2x" (the fix also worked
on Fedora Core 3). I've tried using that, but I'm back to FC5's rpm of
"openswan-2.4.4-1.1.2.1.i386" since it didn't help.
Here's a reference of the FC4 post that discussed the fix:
http://lists.openswan.org/pipermail/users/2005-July/005592.html
(Also another important thing to note, would be that small pings do not
go thru when "compress=yes")
Version info:
Linux version 2.6.15-1.2054_FC5 (bhcompile at hs20-bc1-3.build.redhat.com)
(gcc version 4.1.0 20060304 (Red Hat 4.1.0-3)) #1 Tue Mar 14 15:48:33
EST 2006.
Linux Openswan U2.4.4/K2.6.15-1.2054_FC5 (netkey)
ipsec.conf (the important part, with the important numbers & names
substituted):
"
conn SUNRISEtoSUNSET
authby=secret
left=5.5.5.5
leftsubnet=192.168.1.0/24
leftnexthop=%defaultroute
right=7.7.7.7
rightsubnet=192.168.2.0/24
rightnexthop=%defaultroute
compress=yes
auto=start
"
Thanks,
Phillip
More information about the Users
mailing list