Date: Fri, 28 Sep 2001 17:30:54 +0100 From: Fergus Cameron <cameron@argus-systems.com> To: security <freebsd-security@freebsd.org> Subject: Re: IPSec with a Solaris 8 box Message-ID: <20010928173053.E3792@dedog.argus-systems.co.uk> In-Reply-To: <3BB0EEE5.64D0D4F@iaces.com>; from proot@iaces.com on Tue, Sep 25, 2001 at 03:53:57PM -0500 References: <3BB0EEE5.64D0D4F@iaces.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] > Anybody done IPSEC between a FreeBSD box and a Solaris 8 box? yup, please find attached. also note that you need the optional encryption download from sun. something it took me almost a week of testing before somebody finally let me know - it doesn't appear on any docs as far as i can tell. [-- Attachment #2 --] add 192.168.1.30 192.168.1.20 ah 0x1001 -m transport -A hmac-sha1 0x5468495369537468455465735441557448614c47 ; add 192.168.1.20 192.168.1.30 ah 0x1000 -m transport -A hmac-sha1 0x5468495369537468455465735441557448614c47 ; spdadd 192.168.1.30 192.168.1.20 any -P out ipsec ah/transport/192.168.1.30-192.168.1.20/require ; spdadd 192.168.1.20 192.168.1.30 any -P out ipsec ah/transport/192.168.1.20-192.168.1.30/use ; [-- Attachment #3 --] add 192.168.1.30 192.168.1.20 ah 1001 -m transport -A hmac-sha1 0x5468495369537468455465735441557448614c47 ; add 192.168.1.20 192.168.1.30 ah 1002 -m transport -A hmac-sha1 0x5468495369537468455465735441557448614c47 ; add 192.168.1.30 192.168.1.20 esp 2001 -m transport -E des-cbc 0x7061737368657265 ; add 192.168.1.20 192.168.1.30 esp 2002 -m transport -E des-cbc 0x7061737368657265 ; spdadd 192.168.1.30 192.168.1.20 any -P in ipsec ah/transport/192.168.1.30-192.168.1.20/require esp/transport/192.168.1.30-192.168.1.20/require ;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010928173053.E3792>