[Swan] [libreswan] How enable Klips for Openswan in Centos7 (#29)

Paul Wouters paul at nohats.ca
Wed Apr 29 18:07:33 EEST 2015


On Wed, 29 Apr 2015, vdv85 wrote:

general comment: please use the libreswan email lists, not github, for
discussions.

> Hi. Please, help configure openswan with support klips in Centos7. In Default Openswan use Netkey, but
> it's not work for users in one network behind NAT to one enternal ip and need prostack=klips.
> I have:
> Linux 3.10.0-229.1.2.el7.x86_64
> Linux Libreswan 3.12 (netkey)

- grab the libreswan source
- yum install kernel-devel
- cd libreswan/
- make module module_install
- change to protostack=klips in /etc/ipsec.conf

But much better is to dump L2TP and switch to IKEv2/IKEv1+XAUTH

https://libreswan.org/wiki/VPN_server_for_remote_clients_using_IKEv1_XAUTH

Paul


More information about the Swan mailing list