[Openswan Users] Error in OPENSWAN with XL2TP
Neal Murphy
neal.p.murphy at alum.wpi.edu
Thu Jun 9 15:59:50 EDT 2011
On Thursday 09 June 2011 08:30:24 heta shah wrote:
> Hello Sir,
>
> Please help me on openswan in ubuntu.
>
> I have upgrade the openswan to Openswan U2.6.30 version . But in this when
> I am tring to ipsec verify its howing
>
> root at heta-VirtualBox:/usr/local# sbin/ipsec verify
> Checking your system to see if IPsec got installed and started correctly:
> Version check and ipsec on-path [OK]
> Linux Openswan U2.6.30/K2.6.35-22-generic (netkey)
> Checking for IPsec support in kernel [OK]
> SAref kernel support [N/A]
> NETKEY detected, testing for disabled ICMP send_redirects [OK]
> NETKEY detected, testing for disabled ICMP accept_redirects [OK]
> Checking that pluto is running [OK]
> Pluto listening for IKE on udp 500 [OK]
> Pluto listening for NAT-T on udp 4500 [OK]
> Checking for 'ip' command [OK]
> Checking for 'iptables' command [OK]
> Opportunistic Encryption Support [DISABLED]
> root at heta-VirtualBox:/usr/local#
>
>
> Mean of that ipsec is not supported to kernel so* how to compile kernel for
> IPSEC Please help me*.
It appears you *do* have IPSEC available in the kernel in the form of NETKEY.
If you instead want KLIPS support, you'll need to "make programs; make module;
make install minstall" (abbreviated) when building openswan. Then you'll need
"rmmod af_key; modprobe ipsec".
More information about the Users
mailing list