From owner-freebsd-security Wed May 22 1:36:54 2002 Delivered-To: freebsd-security@freebsd.org Received: from cnvbrlx01.net.cnv.at (ws166.cnv.at [212.51.224.166]) by hub.freebsd.org (Postfix) with ESMTP id 601AB37B40A for ; Wed, 22 May 2002 01:36:18 -0700 (PDT) Received: from cnvbrlx01.net.cnv.at (localhost [127.0.0.1]) by cnvbrlx01.net.cnv.at (8.12.1/8.12.1) with ESMTP id g4M8UaJZ014574; Wed, 22 May 2002 10:30:36 +0200 Received: from slashtom.slash10.com (fritz.intra.vtg.at [10.254.0.234]) by cnvbrlx01.net.cnv.at (8.12.1/8.12.1) with ESMTP id g4M8UZVo014569; Wed, 22 May 2002 10:30:36 +0200 Message-Id: <5.1.0.14.0.20020522104354.00b02fa8@alpha.slash10.net> X-Sender: tf@alpha.slash10.net X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Wed, 22 May 2002 10:51:41 +0200 To: freebsd-security@freeBSD.ORG From: Thomas Fritz Subject: Racoon not synchronizing keys? (was: none) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi again! Forgot the subject the first time... I already got an answer to my question, which stated, that I should use manual keys instead. But that's not an option for me. Is there really no other solution? Thanks /tom >Hi there! > >On the URL http://www.onlamp.com/pub/a/bsd/2001/12/10/ipsec.html I found >this warning below: > >One other word of warning -- if you reboot one of the hosts, and suddenly >have connectivity problems, flush the keys on both machines by running >setkey -F. It's possible for the keys to get out of sync. > > >Is there any way to overcome this problem without flushing the keys by hand? > > >Thanks in advance > >/tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message