[Openswan Users] Kernel-2.6.27 and nat-t patch
Paul Wouters
paul at xelerance.com
Tue Jun 23 12:33:16 EDT 2009
On Tue, 23 Jun 2009, Sasa wrote:
> Hi, therefore with kernel-2.6.27 (Fedora Core 10) for to use Openswan-2.6.22
> with klips and nat-t support (and xl2tp) isn't necessary applied nat-t patch
> and klips-patch ? and therefore isn't necessary recompile kernel ?
That is correct.
> With kernel-2.6.27 and Openswan-2.6.22 I can install in this mode from osw
> directory:
>
> #make programs install
> #make KERNELSRC=/lib/modules/`uname -r`/build module minstall
> #depmode -a
> #rmmod af_key esp4 ah4 ipcomp
> #modeprobe ipsec
Yes. However, for l2tp there is a bug in userland 2.6.x (all versions). So
in your case, it might sound strange, but install 2.6.22 klips version, and
use userland 2.4.14 (or 2.4.15 which I'm pushing today that has the ASN.1
fixes in it too)
Paul
More information about the Users
mailing list