[Openswan Users] openswan on dedibox
Reza Issany
issanyr at gmail.com
Fri Nov 14 01:35:06 EST 2008
Ok, so I'll patch my kernel to use KLIPS.
I'll post some new message if I have configuration difficulties with KLIPS.
Thanks for your helps.
Paul Wouters a écrit :
> On Thu, 13 Nov 2008, Reza Issany wrote:
>
>> Is it better to use KLIPS than NETKEY ?
>
> It's a bit more stable at this point....
>
>> If my problem is a policy error, how could I resolve it ?
>
> I meant to say there are likely some bugs with NETKEY causing policies
> to be missing.
>
> Paul
>
>> Reza Issany a écrit :
>>> Yes, I use netkey :
>>> root at nes:/data/xl2tpd-1.2.3# /etc/init.d/ipsec restart
>>> ipsec_setup: Stopping Openswan IPsec...
>>> ipsec_setup: Starting Openswan IPsec 2.6.18...
>>> ipsec_setup: No KLIPS support found while requested, desperately
>>> falling back to netkey
>>> ipsec_setup: NETKEY support found. Use protostack=netkey in
>>> /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to
>>> continue with NETKEY
>>>
>>>
>>>
>>> Paul Wouters a écrit :
>>>> On Thu, 13 Nov 2008, Reza Issany wrote:
>>>>
>>>>
>>>>> Ok, I've added debug tunnel = yes, I have recompiled the xl2tpd
>>>>> with DFLAGS
>>>>> and change the mt and mru.
>>>>>
>>>>
>>>> Hmm, didnt give us much more to go on :(
>>>>
>>>> Are you using NETKEY? There might be a policy problem there.
>>>>
>>>> Paul
>>>>
>>>>
>>>
>>
>
More information about the Users
mailing list