From owner-freebsd-questions Mon Dec 31 1: 5:21 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.uskonet.com (mail.uskonet.com [196.3.164.41]) by hub.freebsd.org (Postfix) with ESMTP id CD58137B41D; Mon, 31 Dec 2001 01:05:06 -0800 (PST) Received: from M4DC0W ([196.35.242.9]) by mail.uskonet.com (8.11.0/8.11.0) with SMTP id fBV92bP31469; Mon, 31 Dec 2001 11:02:37 +0200 Message-ID: <00b501c191d9$c6d3bae0$09f223c4@M4DC0W> From: "Etienne Ledoux" To: Cc: Subject: Problems getting isakmpd working on FreeBSD. Date: Mon, 31 Dec 2001 11:01:41 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Greetings, Anybody got a working example of isakmpd on FreeBSD. I've been following guides mainly intended for OpenBSD it seems (due to a lack of finding any for FreeBSD). I used the conf and policy files of various working examples. http://www.allard.nu/openbsd/isakmpd.conf http://www.allard.nu/openbsd/isakmpd.policy and others... But when I start isakmpd I get the following errors: 094416.943999 Misc 60 conf_get_str: configuration value not found [QM-AH-BLF-RIPEMD-PFS-XF]:ENCAPSULATION_MODE 094416.944033 Misc 70 conf_set: [QM-AH-BLF-RIPEMD-PFS-XF]:ENCAPSULATION_MODE->TUNNEL 094416.944063 Misc 60 conf_get_str: configuration value not found [QM-AH-BLF-RIPEMD-PFS-XF]:AUTHENTICATION_ALGORITHM 094416.944096 Misc 70 conf_set: [QM-AH-BLF-RIPEMD-PFS-XF]:AUTHENTICATION_ALGORITHM->HMAC_RIPEMD 094416.944128 Misc 60 conf_get_str: configuration value not found [QM-AH-BLF-RIPEMD-PFS-XF]:GROUP_DESCRIPTION 094416.944160 Misc 70 conf_set: [QM-AH-BLF-RIPEMD-PFS-XF]:GROUP_DESCRIPTION->MODP_1024 .. ..the list continues. The only thing I haven't done that is mentioned in the documentation(s) (http://www.allard.nu/openbsd/openbsd.shtml, etc.) available. Edit your /etc/sysctl.conf to include the things below (reboot afterwards): net.inet.ip.forwarding=1 # 1=Permit forwarding net.inet.esp.enable=1 # 1=Enable the ESP IPSec protocol and if you are running 2.7 you need this aswell: net.inet.ip.ipsec-acl=0 # 0=disable IPsec ingress ACL checking Would these values be the same for FreeBSD? (Stupid question maybe) I tried adding these values using : sysctl = ### [root@bbmwall root]# sysctl net.inet.esp.enable=1 sysctl: unknown oid 'net.inet.esp.enable' ### Maybe this is my problem ? Any ideas. tx in advance. Etienne. Any Help would be appreciated with regards to getting isakmp working on FreeBSD To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message