Re: [2.6.21-git2] sk_buff changes break Cisco VPN client
From: Alessandro Suardi
Date: Sun Apr 29 2007 - 03:15:29 EST
On 4/29/07, David Miller <davem@xxxxxxxxxxxxx> wrote:
From: Roland Dreier <rdreier@xxxxxxxxx>
Date: Sat, 28 Apr 2007 14:05:27 -0700
> However I can suggest vpnc (http://www.unix-ag.uni-kl.de/~massar/vpnc/)
> as an alternative. I'm not forced to use Cisco VPN access any more,
> but when I tried it, vpnc was tons better than the Cisco product.
Also, and I know this might be a COMPLETE SHOCK to some people, but we
do have a full in-kernel IPSEC stack and using it with openswan to
connect to VPNs works perfectly fine.
I use it every day.
It's quite amusing that people use a userland IPSEC implementation
via VPNC, in spite of this.
Have a look here
https://lists.dulug.duke.edu/pipermail/dulug/2007-March/010792.html
where someone seems to be in my same boat. No, openswan/IPSEC
does not work in all configurations with Cisco VPN concentrators -
and by Murphy's law, I'm in the non-working configuration.
Hope this clarifies the reason I asked. And if anyone out there
is in doubt about it, I absolutely hate having to rebuild an out
of kernel module every time I build a kernel, crossing fingers
it doesn't break (again). I would use *anything* else.
--alessandro
"Did you get married but forgot to get divorced ?"
(Danny and Dusty, 'The Good Old Days')
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/