[Openswan Users] trying to connect OpenSWAN 2.6.19 to a Netgear FVS338
Marcos Hacker
mfhacker at hotmail.com
Fri May 29 17:31:21 EDT 2009
> > I have more information on the difference between connecting with
> > OpenSWAN 2.6.19 and 2.6.22dr2 to our Netgear FVS338.
> >
> > To recap, using certificates phase 2 connects with OpenSWAN 2.6.19 but
> > does not with 2.6.22dr2.
> >
> > The code change that seems to break the phase 2 portion of the connection
> > is in /programs/pluto/spdb_v1_struct.c. If I remove this change (/* add
> > IPcomp proposal if policy asks for it */), both 2.6.20 & 2.6.22dr2
> > complete the IPsec SA.
>
> Really? Do you have compress=yes or compress=no? Or no compress= option set?
>
> I know we allow compress even if we have compress=no. It just changes what
> we advertise to the other end. So this might be a case of the other end
> lying to use, and us then happily using compress and the other end not liking
> it. Can you find out what the settings on the other end are for compression?
>
> Paul
Hi Paul,
We are using the command line options, so we send over --compress (I assume this is compress=yes). If I remove the --compress flag (compress=no), then the connection establishes! I have not been able to determine if the Netgear uses compression.
What is the benefit of using compression?
marcos
_________________________________________________________________
Insert movie times and more without leaving Hotmail®.
http://windowslive.com/Tutorial/Hotmail/QuickAdd?ocid=TXT_TAGLM_WL_HM_Tutorial_QuickAdd1_052009
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090529/9bf3b3f0/attachment.html
More information about the Users
mailing list