Problem with freeswan after 2.4.19 kernel update
Hi list, Since updating our SuSE 8.1 VPN gateway with the latest 2.4.19 kernel update (k_deflt-2.4.19-329), users are reporting problems creating IPsec connections. The following message is repeated in the log during the connection attempt: Jul 27 19:31:50 ns2 kernel: ; found spi=0xb295d8a5, dst=xx.xx.xx.xx, proto=3/ESP Jul 27 19:31:50 ns2 kernel: ipsec4_rcv: incoming packet failed policy check; dropped ... (repeated) ... Any ideas how to fix this? Regards, Michael
Hi,
Since updating our SuSE 8.1 VPN gateway with the latest 2.4.19 kernel update (k_deflt-2.4.19-329), users are reporting problems creating IPsec connections.
Any ideas how to fix this?
Did you reboot ? If not, try this first. If "depmod -a" after reboot shows errors, wait for the fix by SuSE (they messed up this update AFAIK) or compile a new kernel by yourself. Download for the necessary kernel-patches the super-freeswan (1.98 or so) package, download kernelsource, decompress both, configure your kernel, change into the super-freeswan source dir, issue a "make insert" to generate links and patches, configure the kernel again (this time ipsec will show up), compile and install the kernel and modules, reboot. This procedure worked for me. If you do not configure the kernel before "make insert" the script will complain (it work anyway, I did not test this). This will fix the broken mppe of SuSE also, for usage with pptpd, if you like to use this kind of VPN also make sure you have "bsd-compress" option for ppp enabled too. Regards, Dieter --------------------------------------------------------------- Dieter Kirchner Systemadministration BUPNET +49 551 54707 62 D-Goettingen http://www.bupnet.de ---------------------------------------------------------------
participants (2)
-
Dieter Kirchner -
Michael Ryan