Date: Mon, 9 Aug 2004 16:11:37 +0200 From: Alexander Leidinger <Alexander@Leidinger.net> To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: FreeBSD current mailing list <current@freebsd.org> Subject: Re: IPSec + 5.2.current Problem Message-ID: <20040809161137.0bab2d07@Magellan.Leidinger.net> In-Reply-To: <Pine.BSF.4.53.0408091338520.1709@e0-0.zab2.int.zabbadoz.net> References: <200408080622.i786Mnhe017474@www1.pochta.ru> <20040808132524.GB1033@mehnert.org> <20040808155623.2fa6fb4b@Magellan.Leidinger.net> <20040809112700.GB659@mehnert.org> <20040809150754.13ca108a@Magellan.Leidinger.net> <Pine.BSF.4.53.0408091314260.1709@e0-0.zab2.int.zabbadoz.net> <20040809153341.24963cfd@Magellan.Leidinger.net> <Pine.BSF.4.53.0408091338520.1709@e0-0.zab2.int.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 9 Aug 2004 13:45:52 +0000 (UTC)
"Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> wrote:
> On Mon, 9 Aug 2004, Alexander Leidinger wrote:
>
> > On Mon, 9 Aug 2004 13:21:01 +0000 (UTC)
> > "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> wrote:
> >
> > > > > I also had some problems with IPSEC and IPSEC_ESP, changing require
> > > > > to use in the policies fixed that. With require racoon was not able
> > > > > to initiate phase 1, because all non esp traffic was dropped.
> > >
> > > whyever I hadn't seen this posting.
> >
> > Did you noticed Message-Id:
> > <20040805223027.7df0732b@Magellan.Leidinger.net> on -current?
>
> I had seen that mail but I cannot see this paragraph in there. anyway..
It's another thread without any discussion.
> > > > I think this is a datapoint... I use a "require" policy too. ATM I can't
> > > > test with "use" instead.
> > >
> > > but this problem had been fixed months ago for IPSEC.
> >
> > Any other idea for the cause of the observed behavior?
>
> which on ? use vs. require ? I think this is just not HEAD.
In my case it's -current from Jul 18.
> your problem: do you really need gif(4) ? if yes - what for ?
In my case the problem doesn't matter, since using FAST_IPSEC works for
me. But I think it should be fixed for 5.3.
As you can see in the above mentioned mail, I converted a 4.x system to
-current. On 4.x I've used gif for a tunnel (as documented in the
handbook) between the FreeBSD system and a VPN appliance which isn't
under my control. Is there another way to setup a tunnel in -current?
Bye,
Alexander.
--
I'm available to get hired (preferred in .lu).
http://www.Leidinger.net Alexander @ Leidinger.net
GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040809161137.0bab2d07>