[Openswan Users] Error messages when verifying IPSEC
Paul Wouters
paul at xelerance.com
Tue Aug 7 10:57:11 EDT 2007
On Tue, 7 Aug 2007, Pink Princess wrote:
> although I have used the native method but when i run the following command
> ipsec --version
>
> I got the following message : Linux Openswan 2.4.9 (klips)
It looks like you have KLIPS installed, as well as the "native" NETKEY.
> KLIPS detected, checking for NAT Traversal support [FAILED]
But not the NAT-T patch, so NAT-Traversal won't work.
> Hardware RNG detected, testing if used properly [FAILED]
You can ignore this, unless it is some embedded device, in which
case you probably really want this.
> Two or more interfaces found, checking IP forwarding [FAILED]
If you are only doing host-host tunnels, you are fine. If you are
doing subnet tunnels (or NAT-T), then this needs fixing in /etc/sysctl.conf
Paul
More information about the Users
mailing list