[prev in list] [next in list] [prev in thread] [next in thread] 

List:       voyage-linux
Subject:    Re: AW: [Voyage-linux] Question regarding OpenSWAN, FreeSWAN, or
From:       "Kim-man \"Punky\" TSE" <punkytse () punknix ! com>
Date:       2006-04-24 10:40:14
Message-ID: 444CAB0E.3010000 () punknix ! com
[Download RAW message or body]

Hi Hermann,

Yes, let me know what option for ISDN-card to enable in the kernel 
config so that I can include it in voyage kernel.

Thank you for sharing your experience to build ipsec module.  Otherwise, 
I would will patch the kernel instead of building external module.

- Punky

Hofer, Hermann wrote:

> Hi Punky,
> 
> you only need to apply openswan-2.4.5.kernel-2.6-natt.patch and check the new NAT-T \
> option in networking. Also you need the OpenSwan module: ipsec.ko. \
> openswan-2.4.5.kernel-2.6-klips.patch is for integrating OpenSwan into the kernel \
> which I would not recommend. 
> In the openswan-2.4.5 source there is a debian directory - I belive this is for \
> debian packaging but I have no knowledge about this. 
> If you make a new kernel for voyage with openswan included I can test it, but \
> please wait a moment. We also use voyage with a miniPCI ISDN-Card and if you will \
> also integrate this modules I will send you the needed kernel options later. 
> 
> Thanks
> Hermann
> 
> ---
> AHS Netzwerktechnik GmbH
> 
> -----Ursprüngliche Nachricht-----
> Von: Kim-man "Punky" TSE [mailto:punkytse@punknix.com] 
> Gesendet: Montag, 24. April 2006 11:02
> An: Hofer, Hermann
> Cc: voyage-linux@voyage.hk
> Betreff: Re: AW: [Voyage-linux] Question regarding OpenSWAN, FreeSWAN, or racoon
> 
> Hi Hermann,
> 
> Can I just apply openswan-2.4.5.kernel-2.6-natt.patch.gz and 
> openswan-2.4.5.kernel-2.6-klips.patch.gz to support N-NAT and KLIPS?
> 
> For openswan-2.4.5, if there is not too much problem in package 
> dependency, I have the environment to backport it. 
> 
> Thanks,
> Punky
> 
> Hofer, Hermann wrote:
> 
> > Hello,
> > 
> > we are using OpenVPN and OpenSwan with voyage 0.2. We don't like the included \
> > IPSEC-Support in Kernel 2.6 because of the extra interfaces OpenSwan provides for \
> > easier firewalling. 
> > For OpenVPN we use the normal package Debian provides, nothing spezial is needed \
> > (we use it for bridging). For OpenSwan we patch the voyage kernel-source with the \
> > actual openswan-2.4.5 (older versions doesn't support an 2.6.15 kernel), disable \
> > internal ipsec support and compile the OpenSwan programs. At the moment I am \
> > looking into making a debain package, but time is small. 
> > If there are any questions feel free and ask.
> > 
> > 
> > Mit freundlichen Grüßen
> > Hermann Hofer
> > 
> > ---
> > AHS Netzwerktechnik GmbH
> > 
> > -----Ursprüngliche Nachricht-----
> > Von: voyage-linux-bounces+h.hofer=ahsnet.de@list.voyage.hk \
> > [mailto:voyage-linux-bounces+h.hofer=ahsnet.de@list.voyage.hk] Im Auftrag von \
> >                 Kim-man "Punky" TSE
> > Gesendet: Montag, 24. April 2006 03:24
> > An: jdb@beetelecom.net; voyage-linux@voyage.hk
> > Betreff: Re: [Voyage-linux] Question regarding OpenSWAN, FreeSWAN, or racoon
> > 
> > Hi John,
> > 
> > I did not tested the openswan in voyage, but I have already enabled some 
> > kernel modules to support OpenSWAN.  I heard that 2.6 kernel (or only in 
> > debian favour) have included IPSEC support. 
> > 
> > If I were wrong, then let me know how to get it supported, I am willing 
> > to include any patches in the kernel by request. 
> > 
> > I think there are some users using openvpn . If anyone has experience in 
> > using VPN in voyage, please share your experience as well. 
> > 
> > Punky
> > 
> > John D. Bickle wrote:
> > 
> > 
> > > Hi Everyone.
> > > 
> > > I've been using pebble for a while, and want to make the move to voyage
> > > (good work, everyone!)
> > > 
> > > However, i have a question about what you think would be the best VPN
> > > strategy.
> > > 
> > > Using pebble, what i did was download the debian packages for freeswan and
> > > i ported that to pebble by recompiling a custom kernel with the necessary
> > > modules. I'd prefer not to do that again, if i can avoid it.
> > > 
> > > Also FreeSWAN, to the best of my knowledge, is no longer supported. What
> > > do you think would be the best strategy for having good VPN software for
> > > voyage? should i use OpenSWAN, or perhaps a combination of a custom kernel
> > > and use racoon for key exchange? Does anyone have any plans for putting a
> > > standard IPSEC package in voyage?
> > > 
> > > any advice or help you can give me with this would be very much appreciated.
> > > 
> > > cheers,
> > > john.
> > > 
> > > 
> > > _______________________________________________
> > > Voyage-linux mailing list
> > > Voyage-linux@list.voyage.hk
> > > http://list.voyage.hk/mailman/listinfo/voyage-linux
> > > 
> > > 
> > > 
> > 
> > 
> 
> 
> 


-- 
Regards,
Punky
P U N K N ! X  . c o m
Technology + Lifestyle
(http://www.punknix.com)

Voyage Linux
(http://www.voyage.hk/software/voyage.html)



_______________________________________________
Voyage-linux mailing list
Voyage-linux@list.voyage.hk
http://list.voyage.hk/mailman/listinfo/voyage-linux


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic