From owner-freebsd-net@FreeBSD.ORG Mon Jun 26 07:16:31 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 99A4416A403 for ; Mon, 26 Jun 2006 07:16:31 +0000 (UTC) (envelope-from mv@thebeastie.org) Received: from p4.roq.com (ns1.ecoms.com [207.44.130.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id E4AF843DBD for ; Mon, 26 Jun 2006 07:16:17 +0000 (GMT) (envelope-from mv@thebeastie.org) Received: from p4.roq.com (localhost.roq.com [127.0.0.1]) by p4.roq.com (Postfix) with ESMTP id 87B964CD95 for ; Mon, 26 Jun 2006 07:16:19 +0000 (GMT) Received: from vaulte.jumbuck.com (ppp166-27.static.internode.on.net [150.101.166.27]) by p4.roq.com (Postfix) with ESMTP id 214D94CDD7 for ; Mon, 26 Jun 2006 07:16:19 +0000 (GMT) Received: from vaulte.jumbuck.com (localhost [127.0.0.1]) by vaulte.jumbuck.com (Postfix) with ESMTP id 7A13D8A062; Mon, 26 Jun 2006 17:16:15 +1000 (EST) Received: from [192.168.46.102] (unknown [192.168.46.250]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by vaulte.jumbuck.com (Postfix) with ESMTP id 71E5D8A01F; Mon, 26 Jun 2006 17:16:15 +1000 (EST) Message-ID: <449F89BE.7070508@thebeastie.org> Date: Mon, 26 Jun 2006 17:16:14 +1000 From: Michael Vince User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.7.12) Gecko/20060404 X-Accept-Language: en-us, en MIME-Version: 1.0 To: David DeSimone References: <449228FA.50303@thebeastie.org> <20060616122855.GA29279@uk.tiscali.com> <20060616154306.GA18578@verio.net> <449B5D50.8000700@thebeastie.org> <20060623062221.GA23272@verio.net> <449F52AA.8080504@thebeastie.org> <20060626040939.GA25367@verio.net> <20060626063010.GB25367@verio.net> In-Reply-To: <20060626063010.GB25367@verio.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP X-Virus-Scanned: ClamAV using ClamSMTP Cc: freebsd-net@freebsd.org Subject: Re: VPN with FAST_IPSEC and ipsec tools X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Jun 2006 07:16:31 -0000 David DeSimone wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >David DeSimone wrote: > > >>Hmm... In examining my kernel configuration I found these options: >> >> options IPSEC >> options IPSEC_ESP >> options IPSEC_DEBUG >> # options IPSEC_FILTERGIF >> # options FAST_IPSEC >> >>So it appears that I am NOT using FAST_IPSEC. >> >> > >I have now recompiled my kernel with the following options: > > # options IPSEC > # options IPSEC_ESP > # options IPSEC_DEBUG > # options IPSEC_FILTERGIF > options FAST_IPSEC > > device crypto > >After rebooting, I noticed the startup messages show I am indeed using >FAST_IPSEC. > >My other configuration remains unchanged. I can still establish and use >the tunnels I have set up, so I don't believe this is an IPSEC vs >FAST_IPSEC problem you're seeing. > >- -- >David DeSimone == Network Admin == fox@verio.net > Darn, maybe you should try upgrading to 6.1 release and see if that does any thing. Also I am using the latest ipsec-tools in the ports tree 0.6.6 Mike