[Openswan Users] Still server crash
Paul Wouters
paul at xelerance.com
Fri Apr 9 11:22:50 EDT 2010
On Thu, 8 Apr 2010, Dennis van der Meer wrote:
> Linux Openswan 2.6.master-201014.git-gcfb97bc7 (klips)
>
> So I use KLIPS.
> ip ah init: can't add protocol
> ip esp init: can't add protocol
>
> I checked my kernel config and found out some of the options were
> enabled so I changed the following:
>
> # CONFIG_INET_AH is not set
> # CONFIG_INET_ESP is not set
> # CONFIG_INET_IPCOMP is not set
> # CONFIG_INET_XFRM_TUNNEL is not set
> CONFIG_INET_TUNNEL=y
You should disasble that too, as KLIPS will be providing all the hooks.
> # CONFIG_INET_XFRM_MODE_TRANSPORT is not set
> # CONFIG_INET_XFRM_MODE_TUNNEL is not set
> # CONFIG_INET_XFRM_MODE_BEET is not set
>
> KLIPS options are set as recommended in an earlier email. I recompiled
> the kernel, restarted the system
> and checked the logs. No messages anymore about esp and ah but ipsec
> still crashes as soon as I start the vpn
Yes, we are currently working on that crasher. As a work around, you can
enable cryptoapi, and disable the built in 3DES and AES in KLIPS.
Paul
More information about the Users
mailing list