packages not available in repositories

I'm doing a mock-up test on a Red Hat linux server.  Trying to install the ipsec-tools package (racoon).  When I went to the repositories via yum update, I didn't see the package as one of the ones listed.  Then doing a yum update ipsec-tools or a yum update racoon, I get nothing.  Is it possible the repositories don't have this package??
So if this doesn't work this way, then I need instructions on how to manually download and install it.  I'm doing this from a remote login.
mrkentAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
PapertripConnect With a Mentor Commented:
Find the appropriate RPM for your distro at http://rpm.pbone.net/index.php3/stat/3/limit/1/srodzaj/1/dl/40/search/ipsec-tools/field%5B%5D/1/field%5B%5D/2

Then, if for example you downloaded the RHEL5 RPM:
yum install ipsec-tools-0.7.3-1.el5.pp.x86_64.rpm

Open in new window


That should take care of any dependencies that yum can access via it's configured repos.  If yum still complains about missing dependencies such as libracoon.so.0, then go back to that webpage and find it under the "Requires" section.
0
 
PapertripConnect With a Mentor Commented:
Use 'wget' to download the file by giving it the complete URL.

BTW I did a bit more research and it looks like the only other dependency you will need is ipsec-tools-libs

Using the RHEL5 example above, you can find it at http://rpm.pbone.net/index.php3/stat/3/srodzaj/1/search/ipsec-tools-libs

Also 0.7.3-1 isn't the most current version, was just used as an example.
0
 
mrkentAuthor Commented:
My version is Red Hat Enterprise Linux Server release 6.1 (Santiago)
The location you gave me was for RHEL 5.  Is that OK to download the file from there?

Also I'm having trouble with the syntax.  What would be my exact wget command to download the ipsec-tools-0.8.0-2.fc16.i686.rpm package at that url?  (I don't THINK my machine is a 64 bit, how do I find out?)
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
mrkentAuthor Commented:
Actually I think now it is...
# uname -r
2.6.32-131.4.1.el6.x86_64
So does that mean I should be downloading ipsec-tools-0.8.0-1.el5.pp.x86_64.rpm? (Instead of the ipsec-tools-0.8.0-1.el5.pp.i386.rpm which is what I was first looking at?  [typo in my last update])
So again what is my correct wget syntax to download that?
0
 
PapertripConnect With a Mentor Commented:
You are asking for trouble by installing a RHEL 5 package on RHEL 6 -- not advised.

It turns out that there is a reason that you can't find ipsec-tools in the repositories -- it has been deprecated in RHEL 6 in favor of openswan.

Is there a specific reason you need ipsec-tools?
[root@broken ~]# yum info openswan
Loaded plugins: fastestmirror, presto, priorities
<snip>
Available Packages
Name       : openswan
Arch       : x86_64
Version    : 2.6.24
Release    : 8.el6_0.1
Size       : 838 k
Repo       : updates
Summary    : IPSEC implementation with IKEv1 and IKEv2 keying protocols
URL        : http://www.openswan.org/
License    : GPLv2+
Description: Openswan is a free implementation of IPsec & IKE for Linux.  IPsec is
           : the Internet Protocol Security and uses strong cryptography to provide
           : both authentication and encryption services.  These services allow you
           : to build secure tunnels through untrusted networks.  Everything passing
           : through the untrusted net is encrypted by the ipsec gateway machine and
           : decrypted by the gateway at the other end of the tunnel.  The resulting
           : tunnel is a virtual private network or VPN.
           :
           : This package contains the daemons and userland tools for setting up
           : Openswan. It supports the NETKEY/XFRM IPsec kernel stack that exists
           : in the default Linux kernel.
           :
           : Openswan 2.6.x also supports IKEv2 (RFC4306)

Open in new window

0
 
mrkentAuthor Commented:
Only because I have never used Openswan before.  Only Ipsec-tools.
So I do have another server I may get my hand on, a RHEL 5.6 (Tikanga).  I can either use that if I get it, or learn Openswan.

What is the downside of loading a RHEL 5 package on a RHEL 6?   Would it affect the whole system?  Or just the RHEL 5 package?
0
 
PapertripConnect With a Mentor Commented:
What is the downside of loading a RHEL 5 package on a RHEL 6?   Would it affect the whole system?  Or just the RHEL 5 package?

That all depends.  The short answer here is that a RHEL 5 RPM is built against a RHEL 5 system, therefore is configured and expecting to be ran on RHEL 5.
0
 
nociSoftware EngineerCommented:
The best that can happen is that the software cant work.
The worst is that it installs an old library wrecking your system or part of it.
0
 
mrkentAuthor Commented:
OK , one last thing before I move on to the next item.
How do I know that my linux distribution supports NAT Traversal (NAT-T).  I know there are components of the ipsec-tools and openswan ipsec packages that do NAT-T, but how do I know the the kernel itself can process NAT-T.  I saw somewhere that you can look in the kernel tree and look at the net/key/af_key.c file. I think I looked in the right place but maybe not and I can't find it.  How do I find it, and once I do find it, what do I look for in it?

0
 
nociConnect With a Mentor Software EngineerCommented:
The kernel can handle since after 2.6.6 (and in general a lot of networking bugs did exist until & including 2.6.17)

Since 2.6.6 there is a natt field in the network xfrm modules & data structures.
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.6 - should mention this
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.8 - refers to a patch in AH processing for ipsec.
 (kernel.org is currently down)
0
 
mrkentAuthor Commented:
Thank you
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.