Date: Tue, 13 Apr 2004 04:49:36 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Timothy Ham <tham@nth-order.com> Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: kern/65474: IPSEC filters outbound ISAKMP traffic and IPSEC negotiation fails. Message-ID: <Pine.BSF.4.53.0404130442370.78075@e0-0.zab2.int.zabbadoz.net> In-Reply-To: <200404122254.i3CMsWEi004062@www.freebsd.org> References: <200404122254.i3CMsWEi004062@www.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 12 Apr 2004, Timothy Ham wrote: > >Number: 65474 > >Category: kern > > >Fix: > Un-safe workaround: instead of "require" policy, use "use". exclude IKE traffic from your policy before your other rules is a better workaround I think because you can still use /require for the other rules then. Please see the end of follwoing thread how to do the above and in which revisions your problem got fixed by Hajimu Umemoto. http://lists.freebsd.org/pipermail/freebsd-net/2004-March/003542.html -- Greetings Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT 56 69 73 69 74 http://www.zabbadoz.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.53.0404130442370.78075>