[Openswan Users] Looking for stable CentOS 5.1 build

Rick Cooper rcooper at dwford.com
Sat Jun 14 20:15:40 EDT 2008

I am not even going into what I have tried at this point, kernels from the
latest 2.18.53x Centos 5.1 kernel through kernels 2.19x, 2.20x, 2.22x, 2.24x
and 2.25x. I cannot get openswan 2.6.14 build on any of them. The kernels
that don't puke on the nat patch, either don't see klips, or don't see
netkey or klips either one or apply the patch fine but fail building the

I can build 2.4.12 on several of the various kernels I have tried, and seem
to run ok until I attempt to mount any network file system (nfs, nfs4, cifs)
at which point the kernel panics and I get a not syncing error and BUG:
unable to handle kernel NULL pointer dereference at virtual add ress

I was able to get around this by using netkey instead of klips but I
***hate*** netkey and it "magic" ipsec packet handling.

I am really frustrated because I have been using openswan since it was
freeswan and I have 1/2 dozen redhat 7.3 2.4x kernel boxes running
openswan-2.0.0 for a *very* long time and have never had issue with any
version of freeswan (of any kinds).

My real question is:

	anyone out there running centos 5.1 and freeswan klips (I don't need
nat-t btw)? And able to mount network shares without puking?
		if so: what kernel version, what freeswan version? I am
willing to back peddle the kernel if that what it takes. I need a
Stable, robust ipsec solution, preferably one that uses ipsec+ interfaces so
traffic can be tracked, watched and managed.


Rick Cooper

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the Users mailing list