From owner-freebsd-security Wed Feb 14 0:29:38 2001 Delivered-To: freebsd-security@freebsd.org Received: from xocah.holywar.net (xocah.holywar.net [211.232.152.22]) by hub.freebsd.org (Postfix) with SMTP id 3D0C237B401 for ; Wed, 14 Feb 2001 00:29:35 -0800 (PST) Received: (qmail 76885 invoked by uid 101); 14 Feb 2001 08:29:29 -0000 Date: Wed, 14 Feb 2001 17:29:29 +0900 From: "ho-sang, yoon" To: freebsd-security@freebsd.org Subject: Racoon startup at boot problem Message-ID: <20010214172929.A76809@xocah.holywar.net> Reply-To: tsoi@xocah.dhs.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="sdtB3X0nJg68CQEu" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --sdtB3X0nJg68CQEu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable [ have questioned to questions@, but no answers, so here again ] I have two servers that were secured by IPsec by using racoon. But the problem is, When one server is rebooted and re-initialized racoon,=20 they do not communicate at all, (in my opinion) because of mis-match of=20 SPI on each server's SAD entries.=20 In my thought, racoon allocate random SPI when it is up. Any recommendation? --=20 no signature --sdtB3X0nJg68CQEu Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6ikHpHLmv9nrxL/MRAnenAJ9a+sxlKGgRkNkq4vDGf86dc1woewCfSalF S+BXtUQYJYNTA3kxwqzB7hk= =J7W+ -----END PGP SIGNATURE----- --sdtB3X0nJg68CQEu-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message