SLUG Mailing List Archives
Re: [SLUG] Site to Site VPN
- To: slug@xxxxxxxxxxx
- Subject: Re: [SLUG] Site to Site VPN
- From: Peter Rundle <prundle@xxxxxxxxxxxxxxxxxx>
- Date: Mon, 01 Jun 2009 09:57:55 +1000
- User-agent: Thunderbird 220.127.116.11 (X11/20080505)
thanks again for the info re the routing tools setting the preferred source address.
>Wait until after you get ISAKMP and IPSec routing working, /then/ say it is the wrong tool. ;)
LOL, yes I meant it was "the wrong tool to talk to a Juniper Netscreen". And as I'm rapidly finding out getting the IPSEC to just
load and run is a battle. I'm wondering if IPSec is supported by this centOS version with kernel 2.6.18-028stab060.8 #1 SMP
The /lib/modules directory is empty and lsmod returns no modules loaded in the kernel.
I've read up a bit and it seems that openswan is not required? Apparently you install ipsec-tools, edit say ifcfg-ipsec0 in
/etc/sysconfig/network-scripts and then run ifup ipsec0
But when I do so I get this error message
ERROR: libipsec failed pfkey open (Address family not supported by protocol)
racoon: something error happened while pfkey initializing.
If I try to do a modprobe then I get:
FATAL: Could not load /lib/modules/2.6.18-028stab060.8/modules.dep: No such file or directory
Hmmm, might be a long road ahead, sigh