[Openswan Users] Configuration Help

Paul Wouters paul at xelerance.com
Tue Feb 13 14:39:02 EST 2007


On Tue, 13 Feb 2007, Josh wrote:

> We are using RedHat Advanced Server 4 Update 4.

Then you have a problem. Perhaps you can try a kernel of the upcoming
RHEL 4.5 release. Talk to your vendor, they know IPsec is pretty
broken on those kernels.

Paul

> On 2/13/07, Paul Wouters <paul at xelerance.com> wrote:
> >
> > On Tue, 13 Feb 2007, Josh wrote:
> >
> > > The good news:
> > >
> > > We were able to get the configuration to work!
> > >
> > > The bad news:
> > >
> > > So far the configuration will work on kernel 2.4.21-37 i686 but it
> > freezes
> > > the system when we run it on kernel 2.6.9-42 x86_64
> >
> > Is that a RHEL4/Centos kernel? If so, it would explain the failure. Don't
> > use
> > that kernel for IPsec (either NETKEY or KLIPS) as it is just too broken
> > for
> > either. Try replacing the RHEL4/Centos kernel/system with a FC6 one.
> >
> > > Is the 2.6 NAT-T patch required for building and using the openswan
> > module
> > > under the 2.6 kernel?
> >
> > If using KLIPS yes, if using NETKEY, no.
> >
> > Paul
> >
>

-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155


More information about the Users mailing list