From owner-freebsd-current@FreeBSD.ORG Tue Feb 3 07:53:12 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0FD2216A4CE; Tue, 3 Feb 2004 07:53:12 -0800 (PST) Received: from gvr.gvr.org (gvr-gw.gvr.org [80.126.103.228]) by mx1.FreeBSD.org (Postfix) with ESMTP id B909243D3F; Tue, 3 Feb 2004 07:53:10 -0800 (PST) (envelope-from guido@gvr.org) Received: by gvr.gvr.org (Postfix, from userid 657) id DC4C92B; Tue, 3 Feb 2004 16:53:09 +0100 (CET) Date: Tue, 3 Feb 2004 16:53:09 +0100 From: Guido van Rooij To: "Crist J. Clark" Message-ID: <20040203155309.GA22676@gvr.gvr.org> References: <1074650025.701.82.camel@itouch-1011.prv.au.itouchnet.net> <20040122110929.GA767@gvr.gvr.org> <20040203070435.GB46486@blossom.cjclark.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040203070435.GB46486@blossom.cjclark.org> cc: Andrew Thomson cc: current@freebsd.org Subject: Re: ipsec changes in 5.2R X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Feb 2004 15:53:12 -0000 On Mon, Feb 02, 2004 at 11:04:36PM -0800, Crist J. Clark wrote: > > I have seen the same. Somehow it looks like ISAKMP traffic, which used to > > go around the ipsec policy, is now included. The only workaround I know > > of is to replace "require" with "use". > > A little late on this, but FAST_IPSEC rather than KAME IPsec will fix > the problem. Thanks! That helped! -Guido