[Openswan Users] openswan on dedibox
Paul Wouters
paul at xelerance.com
Thu Nov 13 19:38:40 EST 2008
On Thu, 13 Nov 2008, Reza Issany wrote:
> Is it better to use KLIPS than NETKEY ?
It's a bit more stable at this point....
> If my problem is a policy error, how could I resolve it ?
I meant to say there are likely some bugs with NETKEY causing policies
to be missing.
Paul
> Reza Issany a écrit :
>> Yes, I use netkey :
>> root at nes:/data/xl2tpd-1.2.3# /etc/init.d/ipsec restart
>> ipsec_setup: Stopping Openswan IPsec...
>> ipsec_setup: Starting Openswan IPsec 2.6.18...
>> ipsec_setup: No KLIPS support found while requested, desperately falling
>> back to netkey
>> ipsec_setup: NETKEY support found. Use protostack=netkey in /etc/ipsec.conf
>> to avoid attempts to use KLIPS. Attempting to continue with NETKEY
>>
>>
>>
>> Paul Wouters a écrit :
>>> On Thu, 13 Nov 2008, Reza Issany wrote:
>>>
>>>
>>>> Ok, I've added debug tunnel = yes, I have recompiled the xl2tpd with
>>>> DFLAGS
>>>> and change the mt and mru.
>>>>
>>>
>>> Hmm, didnt give us much more to go on :(
>>>
>>> Are you using NETKEY? There might be a policy problem there.
>>>
>>> Paul
>>>
>>>
>>
>
More information about the Users
mailing list