Date:      Thu, 24 Jan 2002 21:43:49 +0300
From:      dr3node <rtfm@webburo.ru>
To:        freebsd-security@freebsd.org
Subject:   Re: Can't set up an IPsec tunnel.
Message-ID:  <200201241847.AHX10883@vmms1.verisignmail.com>

I've read everything I could find.
That is the latest try:
Remote host:

ifconfig gif0 create tunnel 222.222.22.2 111.111.11.1
ifconfig gif0 inet 222.222.22.2 192.168.0.1 netmask 0xffffff00
setkey -FP
setkey -F
ipsec.conf:
//
spdadd 0.0.0.0/0 192.168.0.0/24 any -P out ipsec
esp/tunnel/222.222.22.2-111.111.11.1/require;
spdadd 192.168.0.0/24 0.0.0.0/0  any -P in ipsec
esp/tunnel/111.111.11.1-222.222.22.2/require;
//
+ racoon with the keys in /usr/local/etc/racoon/psk.txt
setkey -f /etc/ipsec.conf

Local gateway:

ifconfig fxp0 111.111.11.1 netmask 0xffffffff alias
ifconfig gif0 create tunnel 111.111.11.1 222.222.22.2
ifconfig gif0 inet 192.168.0.1 222.222.22.2 netmask 0xffffff00
setkey -FP
setkey -F

ipsec.conf:
//
spdadd  192.168.0.0/24 0.0.0.0/0 any -P out ipsec
esp/tunnel/111.111.11.1-222.222.22.2/require;
spdadd 0.0.0.0/0 192.168.0.0/24 any -P in ipsec
esp/tunnel/222.222.22.2-111.111.11.1/require;
//

+ racoon with the keys in /usr/local/etc/racoon/psk.txt
setkey -f /etc/ipsec.conf
And the connection on the gate drops down.
The error is: /kernel: gif_output: recursively called too many times(2)


I'm wondering whether the trouble is because of that RedHat gate with the
masquerade or because of my stupidity.
