Bas Rijniersce wrote: > Hello, > > I'm trying to get Openswan running in a CentOS 4.3 environment. I want to > modify as little as possible so that the machine can be kept up to date > easily. I'd rather not compile a special kernel, but if that's the only > solution, no problem (I don't need NAT traversal). Hm, not really answer to your question... But what about native IPSec that is already built into the kernel? It's not perfect (there are some problems with Netfilter and IPSec interacting), but it works for many folks out there. It's easy to setup by hand, or you could use system-config-network too. It could also be that OpenSwan and native IPSec are clashing...