[Openswan Users] not able to use compression
Paul Wouters
paul at xelerance.com
Wed May 16 13:00:10 EDT 2007
On Wed, 16 May 2007, Andy Gay wrote:
> You may be hitting the bug that Stephan Scholz <sscholz at astaro.com>
> reported in http://bugs.xelerance.com/view.php?id=538
>
> The problem is that the ipcomp proposal is being lost. I posted a patch
> to fix it about 9 months ago, but the Openswan developers haven't seen
> fit to merge it.
So it seems like the combination of compression with esp= never worked
in 2.4.x. This issue has been resolved in 3.x and will be back ported
to 2.5.x. You then configure ipcomp on the esp= line. From the
testing/pluto/ipcomp-01 testcase:
conn westnet-eastnet-comp1
esp=aes128-sha1-deflate
compress=yes
also=westnet-eastnet
The fix as proposed by Andy is somewhat invasive. Since we are about to put
2.4.x in maintenance mode, I'm somewhat reluctant to apply that patch
right now.
Instead, I have put the patch in the contrib/ directory.
Paul
More information about the Users
mailing list