Yes, it really need… (very) I use it from 2012 on CentOS 6 (some tunnels and IPsec/L2TP for remote access (need SAref) using native clients for OS). Thinked to migrate to CentOS 7.
> 4 сент. 2017 г., в 17:59, Paul Wouters <[email protected]> написал(а): > > On Mon, 4 Sep 2017, [email protected] wrote: > >> I build module without warnings and errors: > >> But after "modpobe ipsec" I have "kernel panic" :( >> BUG: unable to handle kernel paging request at 000000000000711c >> register_netdevice_notifier >> ipsec_device_event+0x1c/0x360 > > Do you _really_ need SAref? For a limited number of static tunnels, > VTI should get you what you want. For remote access VPN, you only > need SAref for L2TP/IPsec, and you should really just migrate to > either IKEv1-XAUTH or IKEv2. > > The SAref code is not really maintained anymore. And we are giving > less attention to KLIPS, and on RHEL/CentOS kernels with backported > features, it is always a bit tricky to get it to compile and work > properly. > > Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
