Menu
▾
▴
Re: [Devil-Linux-discuss] FW: IPSec Problems : 1.4 RC3
|
From: Heiko Z. <he...@zu...> - 2010-05-08 14:07:51
|
I thought Serge mentioned that he has a road warrior setup running. Please keep in mind that the ipsec implementations between 1.2 and 1.4 are very different, since the 2.6 Kernel brings now its own implementation. Heiko > -----Original Message----- > From: Udo Lembke [mailto:udo...@al...] > Sent: Friday, May 07, 2010 11:11 AM > To: dev...@li... > Subject: Re: [Devil-Linux-discuss] FW: IPSec Problems : 1.4 RC3 > > Hi Scott, > i try to upgrade an ipsec-router from an old 1.2.15 to 1.4RC3. > I got no error during ipsec-start like you, but till now i don't > get my > config running (connection to a linksys-router; normaly no great > thing). > Now, where i read your post i'm not sure that's lying on my > config!?! > > Has someone a running IPsec installation with DL1.4RC3? > > Best regards > > Udo > > Scott Schaefer schrieb: > > I replaced my 7-year old LRP-based firewall with Devil Linux two > days > > ago. I am quite pleased, with one exception ... I am having > difficulty > > with IPSEC. > > > > I am an oldster, trying to understanad this modern stuff, so my > problems > > are likely user error. It seems, however, that the > implementation is in > > rapid transition, and I am unsure of what components and/or > > configurations are being used; e.g. is pluto daemon still used, > or does > > setkey + racoon + newer kernel capabilities suffice ?? Any help > is > > appreciated; please note in advance that I may not be able to try > any > > suggestions for 24-36 hours. > > > > > > 1) Checking IPSEC in setup menu of services causes startup to > hang. > > Unchecking allows machine to boot and run without problems. > > > > After startup, if I edit /etc/sysyconfig/config to set > START_IPSEC=yes, > > and attempt to manually start, I get: > > > > /etc/init.d # ./ipsec start > > > > Starting strongSwan 4.2.16 IPsec [starter]... > > insmod /lib/modules/2.6.32.9-grsec/kernel/net/ipv4/ah4.ko > > insmod /lib/modules/2.6.32.9-grsec/kernel/net/ipv4/esp4.ko > > insmod /lib/modules/2.6.32.9-grsec/kernel/net/xfrm/xfrm_ipcomp.ko > > insmod /lib/modules/2.6.32.9-grsec/kernel/net/ipv4/ipcomp.ko > > insmod /lib/modules/2.6.32.9-grsec/kernel/net/ipv4/tunnel4.ko > > insmod /lib/modules/2.6.32.9- > grsec/kernel/net/ipv4/xfrm4_tunnel.ko > > insmod /lib/modules/2.6.32.9-grsec/kernel/net/xfrm/xfrm_user.ko > > > > > > After 90 seconds with no further response, I can <Ctrl>-C back to > OS > > prompt. It appears that all kernel modules loaded, and host of > other > > crypto modules also loaded successfully. > > > > ... > > > > > ------------------------------------------------------------------- > ----------- > > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss |
