RE: [leaf-user] What is latest Freeswan for Bering 1.2?

2004-11-11 Thread Tibbs, Richard
OK, the verdict seems to be that Charles' suggestion worked (for pings -- we are only testing the connection with pings) --- so I doubt that ping tests the CLAMPMSS parm. A large file transfer would probably need it so I put CLAMPMSS=yes in shorwall.conf. We are now able to ping across campus.

[leaf-user] What is latest Freeswan for Bering 1.2?

2004-11-10 Thread Tibbs, Richard
Dear List, I am wondering if there is any newer version such as Freeswan 2.06 in a .lrp that is available. I am running Bering 1.2 (kernel 2.4.20). The current version of freeswan is 1.99.6.2. TIA, Rick. --- This SF.Net email is

RE: [leaf-user] What is latest Freeswan for Bering 1.2?

2004-11-10 Thread Peter Mueller
Dear List, I am wondering if there is any newer version such as Freeswan 2.06 in a .lrp that is available. I am running Bering 1.2 (kernel 2.4.20). The current version of freeswan is 1.99.6.2. FreeSWAN is now OpenSWAN. There are no updates for Bering. For Bering-uclibc though, you can

RE: [leaf-user] What is latest Freeswan for Bering 1.2?

2004-11-10 Thread Tibbs, Richard
PROTECTED] Subject: RE: [leaf-user] What is latest Freeswan for Bering 1.2? Dear List, I am wondering if there is any newer version such as Freeswan 2.06 in a .lrp that is available. I am running Bering 1.2 (kernel 2.4.20). The current version of freeswan is 1.99.6.2. FreeSWAN is now OpenSWAN

RE: [leaf-user] What is latest Freeswan for Bering 1.2?

2004-11-10 Thread Tibbs, Richard
or beyond might be better. Upgrading is fairly easy once I have a 2.4.x glibc binary. Rick. -Original Message- From: Peter Mueller [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 10, 2004 12:58 PM To: Tibbs, Richard; [EMAIL PROTECTED] Subject: RE: [leaf-user] What is latest Freeswan

Re: [leaf-user] What is latest Freeswan for Bering 1.2?

2004-11-10 Thread Charles Steinkuehler
Tibbs, Richard wrote: On the feature issue: We have had a problem with messages in the log files saying no route available. I have a successful road warrior from just outside the firewall, but across campus, (beyond the next router) things stop working with the above message. I was hoping an

RE: [leaf-user] What is latest Freeswan for Bering 1.2?

2004-11-10 Thread Tibbs, Richard
-Original Message- From: Charles Steinkuehler [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 10, 2004 1:42 PM To: Tibbs, Richard Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] What is latest Freeswan for Bering 1.2? Tibbs, Richard wrote: On the feature issue: We have had

Re: [leaf-user] What is latest Freeswan for Bering 1.2?

2004-11-10 Thread Charles Steinkuehler
Tibbs, Richard wrote: Here is the ipsec.conf file. If you want a barf, let me know. TIA Rick. As mentioned, you need a nexthop value...in your case, a rightnexthop setting. This should be set to the default gateway of the leaf box. Alternatively, you can set right=%defaultroute and the

RE: [leaf-user] What is latest Freeswan for Bering 1.2?

2004-11-10 Thread Erich Titl
Rick At 21:14 10.11.2004 -0500, you wrote: No, didn't set CLAMPMSS. The chief symptom so far has been a bad route. I think it was an error like Ioctlsroute or some such code. What is the MSS that you would recommend for Ipsec? The SA is getting established OK so far (so UDP is not the