From owner-freebsd-security Thu Sep 13 12:38:43 2001
Delivered-To: freebsd-security@freebsd.org
Message-ID: <3BA10B3F.610E6FB3@iaces.com>
Date: Thu, 13 Sep 2001 14:38:39 -0500
From: Paul Root
To: security@freebsd.org
Subject: IPSEC config
Sender: owner-freebsd-security@FreeBSD.ORG

Hi,

I'm trying to set up an IPSec tunnel and am having trouble. Both machines are 4.4 RC3 (I think, last week). And when I set it up for a transport between the two machines it works fine, so racoon must be fine.

I'm following the IPsec mini-HOWTO from January 2001 daemonnews.

Here's my config on one end:

#!/bin/sh
# These commands need to be run on acesfbsd to
# connect to lorax, in an IPSEC test
#
# Set up the tunnel device.
gifconfig gif0 10.20.30.4 172.28.56.82
#
# The next 2 lines delete all existing entries
# from the SPD and SAD
setkey -FP
setkey -F
# Add the policy
setkey -c <