[Openswan Users] upgrade openswan on CC 4.3 box

Paul Wouters paul at xelerance.com
Wed May 20 00:11:11 EDT 2009


On Tue, 19 May 2009, Sven J. van Rooij wrote:

> Thanks for the quick response.
> So I did do the upgrade and same issue…
> 
> I get my tunnels up, but now no traffic seems to go across the tunnel.

> Linux Openswan U2.4.9/K2.6.18-93.cc4 (netkey)

That's still an ancient openswan version (and vulnerable to a one packet DOS attack)

> NETKEY detected, testing for disabled ICMP send_redirects        [FAILED]
> NETKEY detected, testing for disabled ICMP accept_redirects     [FAILED]

> Even though I have disabled the send and accept redirects….

You might need to reboot as some settings (eg "default" or "all") won't
get applied to already created interfaces.

Paul


More information about the Users mailing list