Date: Mon, 3 Sep 2001 13:57:48 -0700 From: Kris Kennaway <kris@obsecurity.org> To: RJ45 <rj45@slacknet.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPSec on FreeBSD ?? Message-ID: <20010903135748.C36312@xor.obsecurity.org> In-Reply-To: <Pine.LNX.4.21.0109030707360.19758-100000@slacknet.slacknet.com>; from rj45@slacknet.com on Mon, Sep 03, 2001 at 07:08:10AM -0600 References: <Pine.LNX.4.21.0109030707360.19758-100000@slacknet.slacknet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--+nBD6E3TurpgldQp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Sep 03, 2001 at 07:08:10AM -0600, RJ45 wrote: > But comparing it with the OpenBSD implementation I still have not found a > way with FreeBSD to set up and ESP trasnport mode (or tunnel) enabling > also the authentication features in ESP, seems like only the > confidentiality features of ESP can be enabled on FreeBSD while on OpenBSD > also the authentication part of ESP can be enabled. > Am I wrong about it ?? I think so. > IF not how to enable authentication of ESP in FreeBSD ?? > Suppose I Do not want to use AH but IWant to use only ESP for > confidentiality (Encrypt the payload) but also for the payload > authentication which is possible according to IPSec RFCs, how > can I enable ESP authentication on FreeBSD ?? These questions are all answered in the documentation. You might like to start with setkey(8) and the documentation on http://www.kame.net. > then I Wanted to ask if racoon is a ISAKMP IKE compliant protocol Yes. Kris --+nBD6E3TurpgldQp Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7k+7MWry0BWjoQKURAiSkAJ9Hd+jVVtNewV6Z3Ksge0cxLjzRIgCg3rXt Ah/G/3tRAUaSuX3ruM5YEP4= =+VHB -----END PGP SIGNATURE----- --+nBD6E3TurpgldQp-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010903135748.C36312>