Date: Wed, 20 Nov 2002 14:47:35 +0100 From: Guido van Rooij <guido@gvr.org> To: Scott Ullrich <sullrich@CRE8.COM> Cc: 'Archie Cobbs' <archie@dellroad.org>, David Kelly <dkelly@HiWAAY.net>, "'greg.panula@dolaninformation.com'" <greg.panula@dolaninformation.com>, FreeBSD-stable@FreeBSD.ORG Subject: Re: IPsec/gif VPN tunnel packets on wrong NIC in ipfw? SOLUTION A ND QUESTIONS Message-ID: <20021120134735.GA10249@gvr.gvr.org> In-Reply-To: <2F6DCE1EFAB3BC418B5C324F13934C9601D23C7A@exchange.corp.cre8.com> References: <2F6DCE1EFAB3BC418B5C324F13934C9601D23C7A@exchange.corp.cre8.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 20, 2002 at 08:51:55AM -0500, Scott Ullrich wrote: > Gudio, > > Please do not take offense to my comment. I was simply letting you know I > sent this to you yesterday. > > I sent 2 sets of outputs from the commands, the first time before switching > to transport mode from tunnel. After switching I tried every rule variation > I could think of to no avail. > > After looking at the below message, I cannot honestly see a differece > between the setkey -D -P commands besides the IP's that are in use. Can you > eloborate a little? > Yes, you are encrypting the wrong packets. You should be encrypting the tunneled packet but you are tunneling the encrypted packets. Please just try what I adviced. > Again, please do not take a offense to my messages; its very easy to take > email tone out of context. Okay, point taken. -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021120134735.GA10249>