[Openswan Users] RES: RES: RES: RES: Openswan with L2TP
paul at xelerance.com
Thu Sep 24 19:22:08 EDT 2009
On Thu, 24 Sep 2009, Giovani Moda wrote:
>> Yes, the saref patch should be enough.
> Well, recompiled kernel with saref.pacth, recompiled openswan-2.6.23
> with MAST and USE_SAREF_KERNEL=true, installed everything and on the
> first run I actually had a mast0 interface. When I tried to connect, I
> got a kernel crash and now I can't seem to make mast work again. Here's
> the output:
> Sep 24 18:52:57 combo pluto: Using KLIPSng (mast) IPsec interface
> code on 220.127.116.11-90_mr.fc7
> Sep 24 18:52:57 combo pluto: listening for IKE messages
> Sep 24 18:52:57 combo pluto: | useful mast device -1
> Sep 24 18:52:57 combo pluto: ERROR: PF_KEY K_SADB_X_PLUMBIF
> response for configure_mast_device included errno 2: No such file or
> Sep 24 18:52:58 combo pluto: plumb command exited with status 1
It seems that either the kernel or that klips module has no proper
support for SAref tracking.
The patch contains the line:
+ #define IP_IPSEC_REFINFO 22
Are you sure that was not already used for a nother policy?
It also seems looking at it that saref.patch is missing most of
the code. Please have a look at the 18.104.22.168-0.2.5 version of
the patch. And make sure 22 is available on your kernel. If you
change that number, also change it for xl2tpd.
More information about the Users