WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] Openswan and xen problems

To: "John A. Sullivan III" <jsullivan@xxxxxxxxxxxxxxxxxxx>, <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: RE: [Xen-users] Openswan and xen problems
From: "Ian Pratt" <m+Ian.Pratt@xxxxxxxxxxxx>
Date: Sat, 3 Sep 2005 11:15:22 +0100
Cc: ian.pratt@xxxxxxxxxxxx
Delivery-date: Sat, 03 Sep 2005 10:13:21 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcWwWCUFqX4MhtKFQuOAkwsNX2AMKAAGA75Q
Thread-topic: [Xen-users] Openswan and xen problems
If you're using -unstable, look for an earlier thread about using
ethtool to disable checksum offload on the virtual interfaces. We do
need to fix the underlying problem at some point, though.

Ian

> I'm trying to build a RoadWarrior VPN Gateway using openswan 
> 2.4.0rc3 on a xen 2.0.7 domU.  I'm having a bit of trouble 
> and before I beat my head against the wall for hours, I was 
> wondering if anyone else has done this and can give me some pointers.
> 
> I am not using L2TP so I should not have the driver problem.  
> When I disable ipsec on both the xen station and the 
> CyberGuard SG580 were using for testing as the office gateway 
> (as opposed to the RAS gateway), they can ping each other 
> fine.  When I enable ipsec, it's as if the xen station does 
> not want to listen to the SG.  The SG sends MI1 and there is 
> no response.  The xen device sends MI1, the SG send MR1 and 
> xen ignores it.
> 
> The same configuration with a non-xen gateway works fine.  
> Please don't spend lots of time on this as I should put more 
> time in myself before really crying for help but, if someone 
> has done this or knows what the problem is, please let me 
> know.  Thanks - John
> --
> John A. Sullivan III
> Open Source Development Corporation
> +1 207-985-7880
> jsullivan@xxxxxxxxxxxxxxxxxxx
> 
> If you would like to participate in the development of an 
> open source enterprise class network security management 
> system, please visit http://iscs.sourceforge.net
> 
> 
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
> 

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>