Date: Mon, 06 Aug 2001 14:45:35 +0900 From: itojun@iijlab.net To: "Travis Leuthauser" <lists-freebsd-net@crimsonwasteland.com> Cc: freebsd-net@freebsd.org Subject: Re: IPSec Question Message-ID: <25572.997076735@itojun.org> In-Reply-To: lists-freebsd-net's message of Sun, 05 Aug 2001 21:05:14 EST. <OLEPKBMLIHCGDKLGKPJGKEDIDLAA.lists-freebsd-net@crimsonwasteland.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>I'm trying to setup a tunnel between a FreeBSD 4.4 Prerelease box and a >Netopia R9100 dual ethernet router. Here's my current setup. FreeBSD box >is doing nat for my private nat and is running IPFW allowing only desired >ports in. > >Private IP = 172.16.69.1 >Public IP = a.a.a.a >Netopia R9100 Public IP = b.b.b.b >Netopia R9100 Private IP = 172.16.250.1 >32 Char. Hex Auth Key = 75b916ac534cef32d3db8a44cf5b62c1 >SPI = 2568731067 >Auth Type = esp >Auth Transform = hmac-md5-96 >No Encryption >No Compression > >Here's where my problem is coming in. If I issue the following command: > >firewall# setkey -c <<EOF >? add a.a.a.a b.b.b.b esp 2568731067 -m tunnel -A hmac-md5 >0x75b916ac534cef32d3db8a44cf5b62c1 ; >? EOF > >I get the following: > >The result of line 1: Invalid argument. you need " -E simple" for "ESP with no encryption" setting. itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?25572.997076735>