On Mon, 2002-11-18 at 22:25, [EMAIL PROTECTED] wrote: > On Mon, 18 Nov 2002, at 5:53pm, [EMAIL PROTECTED] wrote: > >> I note, for example, on my RHL 7.3 / kernel 2.4.18 system, that no > >> pre-compiled modules mentioning IPsec or PPTP exist. > > > > Hrm, pretty sure at least the pptp module was in 2.4.15 and up, but I > > could be incorrect. > > Well, one way or the other, Red Hat didn't pre-compile them. A quick > check of pristine Linux 2.4.18 sources found nothing matching the string > "pptp", and nothing relevant matching "ipsec". Perhaps they are add-on > software outside the mainline kernel? A lot of crypto stuff is still > excluded from the mainline kernel (mostly for historical (or hysterical) > reasons at this point).
I can say with a fair amount of certainty that neither IPsec nor PPTP are included in any mainline 2.4 kernel, nor does Red Hat include them. I've been building custom Red Hat kernel rpms with freeswan and, more recently, pptp+mppe for some time now (used to add a lot more, but most has since been included in the mainline kernel). There are at least two (VPN masq or X.509 certificates) ways to do IPsec from behind a firewall, but both still make it difficult, if not impossible, to have multiple nodes behind the firewall talking to the same node on the other end (or anywhere?). The only (really cool) way to get around all this that I know of is, unfortunately, Linux and Solaris specific (last time I checked). You can use a combination of vtun and ipsec. There are some gotchas, but it has worked quite well for me. This, obviously, won't help the OP, but figured I'd bring it up and offer my rpms and config assistance if anyone is interested. -- -Paul Iadonisi Senior System Administrator Red Hat Certified Engineer / Local Linux Lobbyist Ever see a penguin fly? -- Try Linux. GPL all the way: Sell services, don't lease secrets _______________________________________________ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
