[Openswan Users] interface ipsec0 missing

Marcus Carlson marcus at mejlamej.nu
Thu Jul 26 18:39:01 EDT 2007


Osvaldo Alvarez Pozo skrev:
> Hi I have debian etch 2.6.18-4-686 #1 SMP selon uname -a
> i did apt-get install openswan then I configured ipsec.conf like this:
>SNIP
> 
> Where is my problem, is there a step i did not do?
> 

Not a problem. In linux there's two ipsec stacks with NETKEY being the 
standard in 2.6 and also in the debian kernel. This stack does not have 
an ipsec0 interface, instead it uses the normal interface eg eth0. 
(Hopefully this will change (?) - i remember reading about this some 
time ago but can't remeber where - fill me in anyone... )

However the other stack, KLIPS, gives you an ipsec0 interface. Install 
using apt-get install module-assistant && m-a a-i openswan
But be aware that having two ipsec stacks causes major trouble, so 
before you can modprobe ipsec (the KLIPS stack) you have to rmmod af_key 
esp4 ah4 ipcomp (NETKEY stack).

Hope this helps.

Marcus

> Thanks  in advance.
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155



More information about the Users mailing list