Hi Punky, you only need to apply openswan-2.4.5.kernel-2.6-natt.patch and check the new NAT-T option in networking. Also you need the OpenSwan module: ipsec.ko. openswan-2.4.5.kernel-2.6-klips.patch is for integrating OpenSwan into the kernel which I would not recommend.
In the openswan-2.4.5 source there is a debian directory - I belive this is for debian packaging but I have no knowledge about this. If you make a new kernel for voyage with openswan included I can test it, but please wait a moment. We also use voyage with a miniPCI ISDN-Card and if you will also integrate this modules I will send you the needed kernel options later. Thanks Hermann --- AHS Netzwerktechnik GmbH -----Ursprüngliche Nachricht----- Von: Kim-man "Punky" TSE [mailto:[EMAIL PROTECTED] Gesendet: Montag, 24. April 2006 11:02 An: Hofer, Hermann Cc: [EMAIL PROTECTED] Betreff: Re: AW: [Voyage-linux] Question regarding OpenSWAN, FreeSWAN, or racoon Hi Hermann, Can I just apply openswan-2.4.5.kernel-2.6-natt.patch.gz and openswan-2.4.5.kernel-2.6-klips.patch.gz to support N-NAT and KLIPS? For openswan-2.4.5, if there is not too much problem in package dependency, I have the environment to backport it. Thanks, Punky Hofer, Hermann wrote: > Hello, > > we are using OpenVPN and OpenSwan with voyage 0.2. We don't like the included > IPSEC-Support in Kernel 2.6 because of the extra interfaces OpenSwan provides > for easier firewalling. > > For OpenVPN we use the normal package Debian provides, nothing spezial is > needed (we use it for bridging). For OpenSwan we patch the voyage > kernel-source with the actual openswan-2.4.5 (older versions doesn't support > an 2.6.15 kernel), disable internal ipsec support and compile the OpenSwan > programs. At the moment I am looking into making a debain package, but time > is small. > > If there are any questions feel free and ask. > > > Mit freundlichen Grüßen > Hermann Hofer > > --- > AHS Netzwerktechnik GmbH > > -----Ursprüngliche Nachricht----- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Kim-man > "Punky" TSE > Gesendet: Montag, 24. April 2006 03:24 > An: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Betreff: Re: [Voyage-linux] Question regarding OpenSWAN, FreeSWAN, or racoon > > Hi John, > > I did not tested the openswan in voyage, but I have already enabled some > kernel modules to support OpenSWAN. I heard that 2.6 kernel (or only in > debian favour) have included IPSEC support. > > If I were wrong, then let me know how to get it supported, I am willing > to include any patches in the kernel by request. > > I think there are some users using openvpn . If anyone has experience in > using VPN in voyage, please share your experience as well. > > Punky > > John D. Bickle wrote: > >> Hi Everyone. >> >> I've been using pebble for a while, and want to make the move to voyage >> (good work, everyone!) >> >> However, i have a question about what you think would be the best VPN >> strategy. >> >> Using pebble, what i did was download the debian packages for freeswan and >> i ported that to pebble by recompiling a custom kernel with the necessary >> modules. I'd prefer not to do that again, if i can avoid it. >> >> Also FreeSWAN, to the best of my knowledge, is no longer supported. What >> do you think would be the best strategy for having good VPN software for >> voyage? should i use OpenSWAN, or perhaps a combination of a custom kernel >> and use racoon for key exchange? Does anyone have any plans for putting a >> standard IPSEC package in voyage? >> >> any advice or help you can give me with this would be very much appreciated. >> >> cheers, >> john. >> >> >> _______________________________________________ >> Voyage-linux mailing list >> [email protected] >> http://list.voyage.hk/mailman/listinfo/voyage-linux >> >> > > > -- Regards, Punky P U N K N ! X . c o m Technology + Lifestyle (http://www.punknix.com) Voyage Linux (http://www.voyage.hk/software/voyage.html) _______________________________________________ Voyage-linux mailing list [email protected] http://list.voyage.hk/mailman/listinfo/voyage-linux
