Hi Hermann,
Can I just apply openswan-2.4.5.kernel-2.6-natt.patch.gz and
openswan-2.4.5.kernel-2.6-klips.patch.gz to support N-NAT and KLIPS?
For openswan-2.4.5, if there is not too much problem in package
dependency, I have the environment to backport it.
Thanks,
Punky
Hofer, Hermann wrote:
Hello,
we are using OpenVPN and OpenSwan with voyage 0.2. We don't like the included
IPSEC-Support in Kernel 2.6 because of the extra interfaces OpenSwan provides
for easier firewalling.
For OpenVPN we use the normal package Debian provides, nothing spezial is
needed (we use it for bridging). For OpenSwan we patch the voyage kernel-source
with the actual openswan-2.4.5 (older versions doesn't support an 2.6.15
kernel), disable internal ipsec support and compile the OpenSwan programs. At
the moment I am looking into making a debain package, but time is small.
If there are any questions feel free and ask.
Mit freundlichen Grüßen
Hermann Hofer
---
AHS Netzwerktechnik GmbH
-----Ursprüngliche Nachricht-----
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Kim-man "Punky"
TSE
Gesendet: Montag, 24. April 2006 03:24
An: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Betreff: Re: [Voyage-linux] Question regarding OpenSWAN, FreeSWAN, or racoon
Hi John,
I did not tested the openswan in voyage, but I have already enabled some
kernel modules to support OpenSWAN. I heard that 2.6 kernel (or only in
debian favour) have included IPSEC support.
If I were wrong, then let me know how to get it supported, I am willing
to include any patches in the kernel by request.
I think there are some users using openvpn . If anyone has experience in
using VPN in voyage, please share your experience as well.
Punky
John D. Bickle wrote:
Hi Everyone.
I've been using pebble for a while, and want to make the move to voyage
(good work, everyone!)
However, i have a question about what you think would be the best VPN
strategy.
Using pebble, what i did was download the debian packages for freeswan and
i ported that to pebble by recompiling a custom kernel with the necessary
modules. I'd prefer not to do that again, if i can avoid it.
Also FreeSWAN, to the best of my knowledge, is no longer supported. What
do you think would be the best strategy for having good VPN software for
voyage? should i use OpenSWAN, or perhaps a combination of a custom kernel
and use racoon for key exchange? Does anyone have any plans for putting a
standard IPSEC package in voyage?
any advice or help you can give me with this would be very much appreciated.
cheers,
john.
_______________________________________________
Voyage-linux mailing list
[email protected]
http://list.voyage.hk/mailman/listinfo/voyage-linux
--
Regards,
Punky
P U N K N ! X . c o m
Technology + Lifestyle
(http://www.punknix.com)
Voyage Linux
(http://www.voyage.hk/software/voyage.html)
_______________________________________________
Voyage-linux mailing list
[email protected]
http://list.voyage.hk/mailman/listinfo/voyage-linux
