Hi, > > I'm trying to get Openswan running in a CentOS 4.3 > environment. I want > > to modify as little as possible so that the machine can be > kept up to > > date easily. I'd rather not compile a special kernel, but if that's > > the only solution, no problem (I don't need NAT traversal). > Hm, not really answer to your question... But what about > native IPSec that is already built into the kernel? It's not > perfect (there are some problems with Netfilter and IPSec > interacting), but it works for many folks out there. It's > easy to setup by hand, or you could use system-config-network too. Not having an ipsec interface caused me quite a bit of trouble before. So I really want KLIPS. > It could also be that OpenSwan and native IPSec are clashing... There is no modules loaded, but who knows. I'm now compiling a custom kernel.. It seems I'll have to live with that. Bas