Date: Fri, 27 Sep 2002 01:30:10 -0500 (CDT) From: Chris Kesler <chris@pconline.com> To: editors@daemonnews.org Cc: Chris Kesler <chris@pconline.com>, <doc@freebsd.org> Subject: Edit for FreeBSD IPsec mini-HOWTO Message-ID: <Pine.LNX.4.44.0209270118320.5117-100000@newton.pconline.com>
next in thread | raw e-mail | index | archive | help
I've been using the "FreeBSD IPsec mini-HOWTO" to try to create a tunnel between two FreeBSD boxes, and I found a bug in the document. The latest version of the document verifies the bug. Your page, http://www.daemonnews.org/200101/ipsec-howto.html, shows this: spdadd 10.10.10.0/24 10.20.20.0/24 any -P out ipsec esp/transport/1.2.3.4-5.6.7.8/require; spdadd 10.20.20.0/24 10.10.10.0/24 any -P in ipsec esp/transport/5.6.7.8-1.2.3.4/require; [ text omitted ] spdadd 10.20.20.0/24 10.10.10.0/24 any -P out ipsec esp/transport/5.6.7.8-1.2.3.4/require; spdadd 10.10.10.0/24 10.20.20.0/24 any -P in ipsec esp/transport/1.2.3.4-5.6.7.8/require; It should read as the latest version of the tutorial reads, like this: spdadd 10.10.10.0/24 10.20.20.0/24 any -P out ipsec esp/tunnel/1.2.3.4-5.6.7.8/require; spdadd 10.20.20.0/24 10.10.10.0/24 any -P in ipsec esp/tunnel/5.6.7.8-1.2.3.4/require; [ text omitted ] spdadd 10.20.20.0/24 10.10.10.0/24 any -P out ipsec esp/tunnel/5.6.7.8-1.2.3.4/require; spdadd 10.10.10.0/24 10.20.20.0/24 any -P in ipsec esp/tunnel/1.2.3.4-5.6.7.8/require; I had looked at it closely several times before I caught it as a bug, and I thought that it must be correct that "tunnel mode" uses esp/transport/1.2.3.4-5.6.7.8/require; instead of esp/tunnel/1.2.3.4-5.6.7.8/require; It's a simple error, but I spent a lot of time debugging this one. I think that other FreeBSD users would be happy if you corrected it. Thanks, Chris Kesler To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.44.0209270118320.5117-100000>