[Openswan Users] openswan & cicsco ipv6 ipsec

Paul Wouters paul at xelerance.com
Fri Dec 7 00:25:40 EST 2007


On Fri, 7 Dec 2007, jungfo wrote:

> We are using Openswan-2.4.7 on Linux-2.6.20 NETKEY for our router products.
>
> I've tried to build a ipv6 tunnel between openswan and cisco 3825. But I've
> got a strange
>
> error message. when I tried to connect to the vpn gateway with cisco.

> Openswan Error : peer client ID payload ID_IPV6_ADDR_SUBNET wrong length in
> Quick I1

> conn test
>
>         left=2007::11
>         leftnexthop=2007::22
>         right=2007::22
>         type=tunnel
>         connaddrfamily=ipv6

We have not done extensive testing of the configuration file parser,
and some of the scripts (of which some have been replaced by a new
library called libipsecconf) were not "ipv6 ready".

If you really want to test with IPv6, I suggest you try not using a
config file, but doing everything via "ipsec whack" commands. I am sorry
there is currently no better way.

Paul


More information about the Users mailing list