I compiled openswan 2.6.29 under centos 5.3 with following commands.
During installation no error has being reported.
I set all config together.
I ran patch for nat-t.
I can mark as active in make menuconfig, but when patch ran is looked for udp.c and it is fail to patch there no file by this name.
I want to know what is missing, what need to be done for udp.c to get nat-t patch working properly.
Any help welcome.
Thank you in advance.
Code:
General Config
config setup
interfaces="ipsec0=eth1"
klipsdebug="none"
uniqueids=yes
nat_traversal=yes
protostack="klips"
virtual_private='%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v44
:!192.168.10.64/26,%v4:!192.168.20.0/24,%v4:!192.168.19.0/24,%v4:!192.168.100.0//
24,%v4:!192.168.12.0/24'
plutodebug="parsing emitting klips"
overridemtu=1380
Code:
make KERNELSRC=/lib/modules/2.6.18-194.32.1.el5xen/build/ module minstall programs install
Code:
Ipsec verify
[root@hostname 2.6.18-194.32.1.el5xen-x86_64]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan 2.6.29 (klips)
Checking for IPsec support in kernel [OK]
KLIPS detected, checking for NAT Traversal support [UNKNOWN]
Testing against enforced SElinux mode [OK]
Checking that pluto is running [OK]
Pluto listening for IKE on udp 500 [OK]
Pluto listening for NAT-T on udp 4500 [FAILED]
Two or more interfaces found, checking IP forwarding [FAILED]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
Code:
Linux Kernel v2.6.18-194.32.1.el5xen Configuration
------------------------------------------------------------------------------
+-------------------------- Networking options ---------------------------+
| Arrow keys navigate the menu. <Enter> selects submenus --->. |
| Highlighted letters are hotkeys. Pressing <Y> includes, <N> excludes, |
| <M> modularizes features. Press <Esc><Esc> to exit, <?> for Help, </> |
| for Search. Legend:[*] built-in [ ] excluded <M> module < > |
| +^(-)-----------------------------------------------------------------+ |
| |[*] IP: PIM-SM version 2 support | |
| |[ ] IP: ARP daemon support (EXPERIMENTAL) | |
| |[*] IP: TCP syncookie support (disabled per default) | |
| |<M> IP: AH transformation | |
| |<M> IP: ESP transformation | |
| |<M> IP: IPComp transformation | |
| |[*] IPSEC NAT-Traversal (KLIPS compatible) | |
| |<M> IP: IPsec transport mode | |
| |<M> IP: IPsec tunnel mode | |
| |<M> INET: socket monitoring interface | |
| +v(+)-----------------------------------------------------------------+ |
+-------------------------------------------------------------------------+
| <Select> < Exit > < Help > |
+-------------------------------------------------------------------------+