Date: Thu, 2 Sep 2004 19:04:55 -0700 (PDT) From: cpu memhd <cpumemhd@yahoo.com> To: freebsd-net@freebsd.org Subject: IPsec blues 5.2.1 Message-ID: <20040903020455.44375.qmail@web61308.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
I know about the broken IPSEC problem so I have compiled kernel with FAST_IPSEC. The man pages say: "In general, the Fast IPsec implementation is intended to be compatible with the KAME IPsec implementation." Then, when reading 14.10 VPN over IPsec docs... http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html It mentions using racoon and modifing ${PREFIX}/etc/racoon/psk.txt. But this file does not exist. Do I still have to use racoon, how do I get this working? Another problem is the handbook example shows rc.conf configuration as: gifconfig_gif0="A.B.C.D W.X.Y.Z" ifconfig_gif0="inet 192.168.1.1 192.168.2.1 netmask 0xffffffff" static_routes="vpn" route_vpn="192.168.2.0 192.168.2.1 netmask 0xffffff00" But shouldn't the two gateways be on the same subnet (192.168.1.x)? Also, I try to run setkey -D but I get an error "pfkey_open: Protocol not supported". Thanks. --------------------------------- Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040903020455.44375.qmail>