[Openswan Users] Re: Fedora Core 5 & OpenSwan - No Compression
Jorge Santos
jsantos at deltasoft.pt
Thu Jul 20 17:24:13 CEST 2006
Hi Phillip
Server:
[root at olorin ~]# cat /proc/version
Linux version 2.6.9-prep (root at olorin.arda.local) (gcc version 3.4.5
20051201 (Red Hat 3.4.5-2)) #1 Thu Jun 1 12:51:24 WEST 2006
I forgot to mention that the server's kernel was compiled from
kernel-2.6.9-34.107.plus.c4.src.rpm (centosplus repo), in order to have
klips.
Client:
[root at pcjsantos ~]# cat /proc/version
Linux version 2.6.9-34.0.2.EL (buildcentos at v20z-i386) (gcc version 3.4.5
20051201 (Red Hat 3.4.5-2)) #1 Fri Jul 7 19:24:57 CDT 2006
Cheers
JS
> Jorge,
>
> Seems like last time it had something to do with the kernel version (but
> a patch in openswan fixed it). If you could...go ahead and post "cat
> /proc/version" here.
>
> Thanks,
> Phillip
>
> Jorge Santos wrote:
>> Hi all
>>
>> FYI, i have the same prob, but i am using CentOS 4.3 on both sides and
>> openswan-2.4.5. On the server side i have klips and on the client, i
>> have
>> netkey, both compiled from source.
>>
>>
>>> Hello all,
>>>
>>> I seem to be having a problem using OpenSwan with Fedora Core 5. The
>>> tunnel establishes just fine, but it seems that whenever compression is
>>> enabled, information cannot travel across the tunnel. Oddly enough, it
>>> will travel one way -- from the Fedora Core 5 machine to a
>>> known-to-work
>>> Fedora Core 3 machine. If "compress=no" is set on both ipsec.conf
>>> files, then it works just fine. I had this problem with Fedora Core 4
>>> and the eventual fix was to use "openswan-2.3.2x" (the fix also worked
>>> on Fedora Core 3). I've tried using that, but I'm back to FC5's rpm of
>>> "openswan-2.4.4-1.1.2.1.i386" since it didn't help.
>>>
>>> Here's a reference of the FC4 post that discussed the fix:
>>> http://lists.openswan.org/pipermail/users/2005-July/005592.html
>>> (Also another important thing to note, would be that small pings do not
>>> go thru when "compress=yes")
>>>
>>> Version info:
>>> Linux version 2.6.15-1.2054_FC5 (bhcompile at hs20-bc1-3.build.redhat.com)
>>> (gcc version 4.1.0 20060304 (Red Hat 4.1.0-3)) #1 Tue Mar 14 15:48:33
>>> EST 2006.
>>> Linux Openswan U2.4.4/K2.6.15-1.2054_FC5 (netkey)
>>>
>>> ipsec.conf (the important part, with the important numbers & names
>>> substituted):
>>> "
>>> conn SUNRISEtoSUNSET
>>> authby=secret
>>> left=5.5.5.5
>>> leftsubnet=192.168.1.0/24
>>> leftnexthop=%defaultroute
>>> right=7.7.7.7
>>> rightsubnet=192.168.2.0/24
>>> rightnexthop=%defaultroute
>>> compress=yes
>>> auto=start
>>> "
>>>
>>> Thanks,
>>> Phillip
>>>
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Users at openswan.org
>>> http://lists.openswan.org/mailman/listinfo/users
>>> Building and Integrating Virtual Private Networks with Openswan:
>>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>>>
>>>
>>
>>
>>
>
More information about the Users
mailing list