[Openswan Users] Openswan ipv6 tunnels

Paul Wouters paul at xelerance.com
Fri Mar 28 10:07:00 EDT 2008

On Fri, 28 Mar 2008, Paul Whelan wrote:

> I've been trying for some time to set up Openswan 2.4.9 (with NETKEY) with
> IPv6 without success.

> My IPv6 routes and ips are correct and my kernel has the appropriate options installed. I have set up a IPv6 IPSEC tunnel using setkey to manually add SAs & SPs, I was able to ping across the tunnel and could see the ESP packets using tcpdump from each direction.
> My ipsec.conf file seems to be correct, as it doesn't give any errors when starting Openswan and is included below.
> Does IPv6 work on 2.4.9, or is there some ipv6 patch i need that is mentioned in some forums?

I would try to use 2.5.x, as most of the startup scripting has been replaced
by the addcon and libipsecconf code. We have not tested whether using the
configuration files works fully with ipv6.

As a step in between, you can also use "ipsec whack" to 'configure' the
conn for ipv6.

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list