ipsec.o for Openswan 2.4.5

Hi,

I've got a relatively old version of Bering-uClibc (2.3.1) but need to
install Openswan 2.4.5 from the Bering-UClib 2.x packages. The 2.4.5
ipsec.lrp package installs fine but it needs a version of ipsec.o compiled
for the 2.xx Openswan. The ipsec.o that comes with 2.3.1 is compiled for
Openswan 1.99. Can someone show me where to get the alternate ipsec.o for
the kernel 2.4.31?

Thanks,
Stephen



------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@...
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Stephen

Stephen Lee wrote:
> Hi,
>
> I've got a relatively old version of Bering-uClibc (2.3.1) but need to
> install Openswan 2.4.5 from the Bering-UClib 2.x packages. The 2.4.5
> ipsec.lrp package installs fine but it needs a version of ipsec.o compiled
> for the 2.xx Openswan. The ipsec.o that comes with 2.3.1 is compiled for
> Openswan 1.99. Can someone show me where to get the alternate ipsec.o for
> the kernel 2.4.31?

Why don't you just upgrade to a current version. Upgrading the ipsec
configuration is rather trivial.

cheers

Erich



------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@...
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Hi Erich,

Because I'm a big chicken ;-) The Bering box controls a rather busy
connection and has some mission-critical traffic running through it. You
and the rest of the Bering team have build such a solid product that I
suspect very few of us ever bother upgrading on a regular basis. OTOH, it
will give me a chance to slip in a current USB version. I'm tired of bad
floppies.

Btw, the reason for upgrading OpenSwan is that I need to connect the
router to a Sonicwall vpn box at the other end. Do any of you have such
experience and/or tips? I'm following the suggestions on the OpenSwan
site.

Thanks,
Stephen


------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@...
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Stephen Lee wrote:
> Because I'm a big chicken ;-) The Bering box controls a rather busy
> connection and has some mission-critical traffic running through it. You
> and the rest of the Bering team have build such a solid product that I
> suspect very few of us ever bother upgrading on a regular basis. OTOH, it
> will give me a chance to slip in a current USB version. I'm tired of bad
> floppies.

I'll second that. I've had Bering 1.2 running upto last year. The only
reason that thing ever broke down is because of the old P66 starting to
smoke. You should never start smoking when you're getting older ;)

> Btw, the reason for upgrading OpenSwan is that I need to connect the
> router to a Sonicwall vpn box at the other end. Do any of you have such
> experience and/or tips? I'm following the suggestions on the OpenSwan
> site.

Just recently I required vpn connections as well and I found that this
would corrupt my current settings. If you do a site-to-site vpn there's
no real problem, but I figured I might as well make this a vpn for
Windows roadwarriors. Which brings in L2TP, which adds a new ppp
interface whenever a connection is made, which requires changing the
last rule in Shorewall to be ACCEPT because you can't create a zone for
interfaces that don't exist.

And so I added a second Bering box just for handling vpn. The new box is
sitting directly on the outside connection and this eliminates all
issues with masquerading vpn. I have Shorewall on the new box configured
to pass everything but the obvious onto the existing box that runs a
custom firewall script. Essentially the only thing I had to change on
the old box was to let it accept RFC1918 addresses on the outside interface.

Gordon

------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@...
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/