Date: Mon, 31 Dec 2001 21:28:06 +0200 From: Etienne Ledoux <etienne@unix.za.org> To: freebsd-questions@freebsd.org Subject: Re: Problems getting isakmpd working on FreeBSD. Message-ID: <3C30BC46.6050601@unix.za.org> References: <754EE571E3C8AB4AAD0B26486CAF495E2B0EE6@hq-lab-exch-001.Legal-Aid.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
Maybe its a problem with my conf file ? I notice that the first error starts with : 203800.262418 Misc 60 conf_get_str: configuration value not found [Phase 1]:Default 203800.262521 Misc 70 conf_set: [Phase 1]:Default->ISAKMP-clients 203800.262602 Misc 60 conf_get_str: configuration value not found [Phase 2]:Passive-Connections 203800.262691 Misc 70 conf_set: [Phase 2]:Passive-Connections->IPsec-clients 203800.262770 Misc 60 conf_get_str: configuration value not found [ISAKMP-clients]:Phase 203800.262858 Misc 70 conf_set: [ISAKMP-clients]:Phase->1 ## Which is the first lines in my config file. [Phase 1] Default=ISAKMP-clients [Phase 2] Passive-Connections=IPsec-clients # Phase 1 peer sections ####################### [ISAKMP-clients] Phase=1 Transport=udp Configuration=PGP-main-mode Any hints ? E. >>-----Original Message----- >>From: Etienne Ledoux [mailto:etienne@unix.za.org] >>Sent: Monday, December 31, 2001 11:02 AM >>To: security@FreeBSD.ORG >>Cc: freebsd-questions@FreeBSD.ORG >>Subject: Problems getting isakmpd working on FreeBSD. >> >> >>Greetings, >> >>Anybody got a working example of isakmpd on FreeBSD. >>I've been following guides mainly intended for OpenBSD it seems (due to a >>lack of finding any for FreeBSD). >> >>I used the conf and policy files of various working examples. >>http://www.allard.nu/openbsd/isakmpd.conf >>http://www.allard.nu/openbsd/isakmpd.policy >>and others... >> >>But when I start isakmpd I get the following errors: >> >>094416.943999 Misc 60 conf_get_str: configuration value not found >>[QM-AH-BLF-RIPEMD-PFS-XF]:ENCAPSULATION_MODE >>094416.944033 Misc 70 conf_set: >>[QM-AH-BLF-RIPEMD-PFS-XF]:ENCAPSULATION_MODE->TUNNEL >>094416.944063 Misc 60 conf_get_str: configuration value not found >>[QM-AH-BLF-RIPEMD-PFS-XF]:AUTHENTICATION_ALGORITHM >>094416.944096 Misc 70 conf_set: >>[QM-AH-BLF-RIPEMD-PFS-XF]:AUTHENTICATION_ALGORITHM->HMAC_RIPEMD >>094416.944128 Misc 60 conf_get_str: configuration value not found >>[QM-AH-BLF-RIPEMD-PFS-XF]:GROUP_DESCRIPTION >>094416.944160 Misc 70 conf_set: >>[QM-AH-BLF-RIPEMD-PFS-XF]:GROUP_DESCRIPTION->MODP_1024 >>.. >>..the list continues. >> >>The only thing I haven't done that is mentioned in the documentation(s) >>(http://www.allard.nu/openbsd/openbsd.shtml, etc.) available. >><snip> >> >>Edit your /etc/sysctl.conf to include the things below (reboot >> > afterwards): > >> net.inet.ip.forwarding=1 # 1=Permit forwarding >> net.inet.esp.enable=1 # 1=Enable the ESP IPSec protocol >> >> >>and if you are running 2.7 you need this aswell: >> >> net.inet.ip.ipsec-acl=0 # 0=disable IPsec ingress ACL checking >> >><snip> >> >>Would these values be the same for FreeBSD? (Stupid question maybe) >> >>I tried adding these values using : sysctl <name>=<value> >> >>### >>[root@bbmwall root]# sysctl net.inet.esp.enable=1 >>sysctl: unknown oid 'net.inet.esp.enable' >>### >> >>Maybe this is my problem ? >> >>Any ideas. >> >>tx in advance. >> >>Etienne. >> >>Any Help would be appreciated with regards to getting isakmp working on >>FreeBSD >> > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C30BC46.6050601>