Date: Fri, 28 Sep 2001 17:30:54 +0100 From: Fergus Cameron <cameron@argus-systems.com> To: security <freebsd-security@freebsd.org> Subject: Re: IPSec with a Solaris 8 box Message-ID: <20010928173053.E3792@dedog.argus-systems.co.uk> In-Reply-To: <3BB0EEE5.64D0D4F@iaces.com>; from proot@iaces.com on Tue, Sep 25, 2001 at 03:53:57PM -0500 References: <3BB0EEE5.64D0D4F@iaces.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--a8Wt8u1KmwUX3Y2C Content-Type: text/plain; charset=us-ascii Content-Disposition: inline > Anybody done IPSEC between a FreeBSD box and a Solaris 8 box? yup, please find attached. also note that you need the optional encryption download from sun. something it took me almost a week of testing before somebody finally let me know - it doesn't appear on any docs as far as i can tell. --a8Wt8u1KmwUX3Y2C Content-Type: text/plain; charset=us-ascii Content-Description: solaris config entries (not single file on box) Content-Disposition: attachment; filename="ipsec-test.conf" add 192.168.1.30 192.168.1.20 ah 0x1001 -m transport -A hmac-sha1 0x5468495369537468455465735441557448614c47 ; add 192.168.1.20 192.168.1.30 ah 0x1000 -m transport -A hmac-sha1 0x5468495369537468455465735441557448614c47 ; spdadd 192.168.1.30 192.168.1.20 any -P out ipsec ah/transport/192.168.1.30-192.168.1.20/require ; spdadd 192.168.1.20 192.168.1.30 any -P out ipsec ah/transport/192.168.1.20-192.168.1.30/use ; --a8Wt8u1KmwUX3Y2C Content-Type: text/plain; charset=us-ascii Content-Description: freebsd configuration file Content-Disposition: attachment; filename="ipsec.conf" add 192.168.1.30 192.168.1.20 ah 1001 -m transport -A hmac-sha1 0x5468495369537468455465735441557448614c47 ; add 192.168.1.20 192.168.1.30 ah 1002 -m transport -A hmac-sha1 0x5468495369537468455465735441557448614c47 ; add 192.168.1.30 192.168.1.20 esp 2001 -m transport -E des-cbc 0x7061737368657265 ; add 192.168.1.20 192.168.1.30 esp 2002 -m transport -E des-cbc 0x7061737368657265 ; spdadd 192.168.1.30 192.168.1.20 any -P in ipsec ah/transport/192.168.1.30-192.168.1.20/require esp/transport/192.168.1.30-192.168.1.20/require ; --a8Wt8u1KmwUX3Y2C-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010928173053.E3792>