Mailinglist Archive: opensuse-security (511 mails)
| < Previous | Next > |
FreeS/WAN on 7.2 with kernel 2.4.4
- From: "Reckhard, Tobias" <Reckhard@xxxxxxxxxx>
- Date: Thu, 16 Aug 2001 14:14:00 +0200
- Message-id: <96C102324EF9D411A49500306E06C8D1348145@xxxxxxxxxxxxxxxxx>
Hi all
I've been trying to set up IPSec on two SuSE 7.2 systems with FreeS/WAN and
the default 2.4.4 kernel (k_deflt-2.4.4-4GB.rpm). Setup works fine, Pluto
starts up ok on "rcipsec start", both gateways establish SAs, everything
looks great. Then, when I send packets across (such as using 'ping'), the
receiving gateway complains that it isn't getting IPSec packets (when debug
output is on). A sniffer on the same hub shows me that it is wrong.
So, after trying to find an error for a while, I went and installed the
2.2.19 kernel on the machines and, lo and behold, everything works fine.
BUT: I can't use the 2.2.19 kernel, since I need iptables on the box.
So the question is: Has anyone else encountered and perhaps mastered this
problem? To Roman, Thomas et. al.: is this a known problem and are steps
against it being undertaken?
Thanks for any insights.
Tobias
--
Tobias Reckhard
secunet
Security Networks AG Tel : +49(6196)95888-42
Mergenthalerallee 77 Fax : +49(6196)95888-88
D-65760 Eschborn E-Mail: reckhard@xxxxxxxxxx
I've been trying to set up IPSec on two SuSE 7.2 systems with FreeS/WAN and
the default 2.4.4 kernel (k_deflt-2.4.4-4GB.rpm). Setup works fine, Pluto
starts up ok on "rcipsec start", both gateways establish SAs, everything
looks great. Then, when I send packets across (such as using 'ping'), the
receiving gateway complains that it isn't getting IPSec packets (when debug
output is on). A sniffer on the same hub shows me that it is wrong.
So, after trying to find an error for a while, I went and installed the
2.2.19 kernel on the machines and, lo and behold, everything works fine.
BUT: I can't use the 2.2.19 kernel, since I need iptables on the box.
So the question is: Has anyone else encountered and perhaps mastered this
problem? To Roman, Thomas et. al.: is this a known problem and are steps
against it being undertaken?
Thanks for any insights.
Tobias
--
Tobias Reckhard
secunet
Security Networks AG Tel : +49(6196)95888-42
Mergenthalerallee 77 Fax : +49(6196)95888-88
D-65760 Eschborn E-Mail: reckhard@xxxxxxxxxx
| < Previous | Next > |