[Openswan Users] Re: [SOLVED] IPsec SA established but traffic doesn't get back toorigin

Paul Wouters paul at xelerance.com
Mon May 15 16:46:28 CEST 2006

On Mon, 15 May 2006, Marco Berizzi wrote:

> Mariano Aliaga wrote:
> > "* compression seems to be incompatible
> > between KLIPS and the 2.6 ipsec code.
> > Since we believe the 2.6 ipsec code is
> > wrong, we cannot fix this.
> This is wrong. There is no incompatibilies
> between KLIPS & netkey ipcomp code.
> The problem is setkey from ipsec-tools not
> netkey.

Partially. It is the wrong application of transforms that setkey allows and
people use because racoon it too difficult to configure that is mostly
the problem. But we did have interop problems with openswan-netkey vs
openswan-klips as well.
Since we are extending our testing infrastructure to also test interop
with klips-netkey, we will find out if this is still true in the near

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list