[Openswan Users] Openswan isntallation

Michael H. Warfield mhw at WittsEnd.com
Tue Jan 12 08:53:16 EST 2010 

On Tue, 2010-01-12 at 12:23 +0000, Zaeem Sherazi wrote:
> Dear Paul,
> 
> Regarding your question about KLIPS (Kernal Layer IP Security) is
> concerned I am not very much clear that it is required or not but I
> need some NAT traversal. So as per my Google search it seems that
> KLIPS is required.

You do not need KLIPS unless, for some reason, you need/want the
ipsec[012...] interfaces.  The kernels in CentOS 5 all support IPSec ala
the native netkey support and all support NAT-T.  OpenSWAN runs just
fine on those kernels with the native IPSec and it's even in the yum
repositories.  I've been using it that way for years.

> You also wrote that "<The current release does not compile on 2.6.18
> based kernels (rhel/centos)>" Can you please let me know then what
> version of Openswan should I try with My centOS 5.3 (Kernel:
> 2.6.18-128)?
> 
> Regards,
> 
> Zaeem


> > Date: Mon, 11 Jan 2010 10:49:35 -0500
> > From: paul at xelerance.com
> > To: zaeemabbas at hotmail.com
> > CC: webserv at s3group.cz; users at openswan.org
> > Subject: Re: [Openswan Users] Openswan isntallation
> > 
> > On Mon, 11 Jan 2010, Zaeem Sherazi wrote:
> > 
> > > Thanks for your continous support. I have prepared a computer with
> centOS 5.3 and kernel (Linux localhost.localdomain
> > > 2.6.18-128.el5xen #1 SMP Wed Jan 21 11:55:02 EST 2009 i686 i686
> i386 GNU/Linux). WHen I am installig
> > > openswan-2.6.24.tar.gz I am facing again same error that I faced
> while installing it on RHEL5.
> > >  
> > > [root at localhost openswan-2.6.24]# make module
> > 
> > Do you really needs KLIPS?
> > 
> > > /usr/src/openswan-2.6.24/modobj26/ipsec_tunnel.c: In function
> âklips_headerâ:
> > > /usr/src/openswan-2.6.24/modobj26/ipsec_tunnel.c:249: error:
> âstruct net_deviceâ has no member named âheader_opsâ
> > > /usr/src/openswan-2.6.24/modobj26/ipsec_tunnel.c: In function
> âklips_header_parseâ:
> > 
> > The current release does not compile on 2.6.18 based kernels
> (rhel/centos)
> > 
> > Paul

Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://lists.openswan.org/pipermail/users/attachments/20100112/4ce31a98/attachment.bin

More information about the Users mailing list