From owner-freebsd-security Fri Aug 2 22:22:18 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 980E237B400 for ; Fri, 2 Aug 2002 22:22:15 -0700 (PDT) Received: from mail.crypton.pl (ns.crypton.pl [195.216.109.11]) by mx1.FreeBSD.org (Postfix) with SMTP id 561C843E42 for ; Fri, 2 Aug 2002 22:22:14 -0700 (PDT) (envelope-from mailman@mail.crypton.pl) Received: (qmail 13477 invoked by uid 1002); 3 Aug 2002 05:22:12 -0000 Date: Sat, 3 Aug 2002 07:22:12 +0200 From: =?iso-8859-2?Q?Maciej_Wi=B6niewski?= To: Trish Lynch Cc: freebsd-security@FreeBSD.org Subject: Re: [Q] FreeBSD IPSec Discussion. Message-ID: <20020803072211.A13088@killer.crypton.pl> References: <20020802093902.K497-100000@femme.sapphite.org> <20020802131910.E6519-100000@femme.sapphite.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020802131910.E6519-100000@femme.sapphite.org>; from trish@bsdunix.net on Fri, Aug 02, 2002 at 01:21:35PM -0400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello I have one question: why you use gif interface while esp doing all job for you without any additional gif interfaces ??? I have some network of gateways tunneling IP packets via IPSec and it's pretty stable to. And I don't use any gifs or other extra toys: just clean IPSec configuration. Maybe it's something about which I should know ? Regards Nomad On Fri, Aug 02, 2002 at 01:21:35PM -0400, Trish Lynch wrote: > > Lots of people have requested that I document this info somewhere, and I > will do so, probably this Sunday, when I have a little free time to > myself. > > I *do* use the gif interface., and I have some pretty stable tunnels, > again, YMMV. > > I've even gotten it to run with interfaces that have packets diverted > through natd :) > > -Trish > > > > > On Fri, 2 Aug 2002, Trish Lynch wrote: > > > > > No, its so complicated that nobody has the answers :) > > > > Here or -questions would most likely be the best place. I just recently > > learned a hell of a lot about KAME/racoon by trial and error over the past > > couple weeks, including interop issues between other vendor's > > software/hardware. (specifically Ravlins), so If I can help, I'll attempt > > to. > > > > -Trish > > > > > > -- > > Trish Lynch trish@bsdunix.net > > FreeBSD The Power to Serve > > Ecartis Core Team trish@listmistress.org > > http://www.freebsd.org > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > -- > Trish Lynch trish@bsdunix.net > FreeBSD The Power to Serve > Ecartis Core Team trish@listmistress.org > http://www.freebsd.org > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message