Date: Tue, 21 Aug 2007 00:01:00 +0530 From: "aditya kiran" <adityaa.kiran@gmail.com> To: freebsd-net@freebsd.org Subject: Racoon and per-socket based IPSec - Doesnt seem to be working! Message-ID: <994cd1cf0708201131k58a7cbbdh531638ccc925854a@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, I need some help for ipsec configurations -- I was trying to use per-socket based IPsec with racoon. I have used setsockopt to set the ipsec policy on the socket. Then i started racoon with default configuration of remote and sainfo being anonymous. Now when i try to send out some ICMP packets, racoon gets a notification for key-acquire; however, racoon seems to be checking the policy id in its database and couldnt find one.. so it has thrown an error saying no spdid found!! and it hasnt initiated any key negotiations... is this expected? racoon doesnt work with per-socket based ipsec? if thats the case; how the SA entry in the security policy in the socket will get filled? Or do I need to use setkey to add an SPD even if i use per-socket based ipsec? can somebody please help me in understanding this? Thanks, Adityaa
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?994cd1cf0708201131k58a7cbbdh531638ccc925854a>