From owner-freebsd-security Tue Mar 5 2:59:37 2002 Delivered-To: freebsd-security@freebsd.org Received: from fe000.worldonline.dk (fe000.worldonline.dk [212.54.64.194]) by hub.freebsd.org (Postfix) with SMTP id C153037B405 for ; Tue, 5 Mar 2002 02:59:32 -0800 (PST) Received: (qmail 30508 invoked by uid 0); 5 Mar 2002 10:46:28 -0000 Received: from 213.237.14.128.adsl.ho.worldonline.dk (HELO dpws) (213.237.14.128) by fe000.worldonline.dk with SMTP; 5 Mar 2002 10:46:28 -0000 Message-ID: <005701c1c432$ff531b50$0301a8c0@dpws> From: "Dennis Pedersen" To: "Shoichi Sakane" Cc: References: <002401c1c42a$29b4cd70$0301a8c0@dpws> <20020305190525E.sakane@kame.net> Subject: Re: Racoon/sainfo - 'no policy found' Date: Tue, 5 Mar 2002 11:46:24 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ----- Original Message ----- From: "Shoichi Sakane" To: Cc: Sent: Tuesday, March 05, 2002 11:05 AM Subject: Re: Racoon/sainfo - 'no policy found' > > > the message means the SPD entry to be used this negotiation has > > > different ipsec tunnel end points, such like > > > > spdadd X Y any -P out ipsec > > > esp/tunnel/A-B/use > > > esp/tunnel/A-C/use; > > > Uhm, i've read and kind of docs about the last parameter on the spdadd > > (use/unique/etc/) but is it explained anywhere when i use what and why? > > > If i wanna set up a box as a concentrator what parm do i use then? > > although i haven't understood what you mean, the kernel can understand > the SP entry which is defined different ipsec tunnel end points. Okai i'll try drawing it then: VPN Office 1--------- \ \ === Main office VPN / Offic 2----------/ Then my question is do i have to set any special parm. in order for the box at the main office to accept both tunnels? (I've seen several conf examples where the last part variates from require/use/unique and so on. But the function of those cmd's i could'nt find anything about?) Regards, Dennis To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message