[Openswan Users] Re: [SOLVED] IPsec SA established but traffic
doesn't get back toorigin
Paul Wouters
paul at xelerance.com
Mon May 15 16:46:28 CEST 2006
On Mon, 15 May 2006, Marco Berizzi wrote:
> Mariano Aliaga wrote:
>
> > "* compression seems to be incompatible
> > between KLIPS and the 2.6 ipsec code.
> > Since we believe the 2.6 ipsec code is
> > wrong, we cannot fix this.
>
> This is wrong. There is no incompatibilies
> between KLIPS & netkey ipcomp code.
> The problem is setkey from ipsec-tools not
> netkey.
Partially. It is the wrong application of transforms that setkey allows and
people use because racoon it too difficult to configure that is mostly
the problem. But we did have interop problems with openswan-netkey vs
openswan-klips as well.
Since we are extending our testing infrastructure to also test interop
with klips-netkey, we will find out if this is still true in the near
future.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list