I am in the middle of installing a new site on SME and decided to try my luck with SME5.5b4. I like the fact that it has been refreshed with Samba 2.2.3a, IMP3.0, and freeswan 1.97. I was a bit disappointed to see wu-imap as still the standard.
I had no problems with the base install, and file/print/email services all appeared to work well. I then tried to connect the box to my existing IPSEC VPN network by installing Darrell May's dmc-mitel-freeswan-0.4-12.noarch.rpm. The first think I noticed was the location for freeswan has changed to /usr/local/lib/ipsec from /usr/lib/ipsec. This caused a problem with the template: /etc/e-smith/templates/etc/ipsec.secrets/10RSAKey I modified it to reflect the new ipsec location, and ran /sbin/e-smith/signal-event ipsec-install The _updown files supplied in the rpm were placed in the original directory, so I moved them to their proper place. I was then able to add ipsec parameters and attempt to connect to a freeswan-1.91 server. When I attempted to add local networks, I was greeted with an error telling me that the ip address wasn't visible to the internal network, so it couldn't be added. I finally added the local network using the internal ip address of the server as the default gateway (I don't believe this is a wokable workaround). When I couldn't get freeswan to connect, I did a cursory analysis of /var/log/secure to try to figure out the problem, and at first glance it appears that my inability to add an external ip address in the local address list is preventing freeswan from authenticating. I ran out of time and reformatted with SME5.12...problem solved... -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
