Date: Fri, 09 Dec 2016 10:49:28 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-amd64@FreeBSD.org
Subject: [Bug 215172] update the ipsec portion of the handbook
Message-ID: <bug-215172-6@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215172

            Bug ID: 215172
           Summary: update the ipsec portion of the handbook
           Product: Documentation
           Version: Latest
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Documentation
          Assignee: freebsd-doc@FreeBSD.org
          Reporter: herminio.hernandezjr@gmail.com
                CC: freebsd-amd64@FreeBSD.org

I followed the Handbook's guide in setting up an ipsec VPN (Ch13.7). The guide
has you set up two files /usr/local/etc/racoon/racoon.conf and
/usr/local/etc/setkey.conf. The first defines the tunnel settings and second
sets up the SDP (Security Policy Database). The first thing I noticed was there
was no explanation on setting up the preshare key file (psk.txt). This was
located in the man page for racoon.conf. However after verifying all the
settings were correct I tested my tunnel and I kept running into this error

ERROR: no policy found: 192.168.254.0/24[0] 10.134.0.0/16[0] proto=any dir=in

I finally figured out that the error was saying there was no policy defined in
the database. I set it in setkey.conf but it was never loaded. I looked in the
man page for setkey and then ran the command
'setkey -v -f /usr/local/etc/racoon/setkey.conf'. This loaded the file and my
tunnel came up.

I think it would be a good idea to add this to the handbook in case others run
into this issue.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
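
A triage helper for the failure described in this report, added here as an example; it is not part of the original message or of FreeBSD or racoon. It parses racoon's "no policy found" line and checks whether a matching spdadd entry exists in a setkey.conf. The function names, the tunnel endpoint addresses and the sample file are constructed; the subnets and the error line are from the report.

```sh
#!/bin/sh
# Added example: triage racoon's "no policy found" error against setkey.conf.

# Print "src dst dir" from the log line, dropping the "[port]" suffixes.
# Prints nothing when the line is not a "no policy found" error.
parse_no_policy() {
    printf '%s\n' "$1" | sed -n \
        's/.*no policy found: \([^[ ]*\)\[[^]]*] \([^[ ]*\)\[[^]]*] proto=[^ ]* dir=\([a-z]*\).*/\1 \2 \3/p'
}

# Succeed if the setkey.conf text on stdin has an spdadd for src, dst and dir.
conf_has_policy() {
    awk -v src="$1" -v dst="$2" -v dir="$3" '
        /^[[:space:]]*#/ { next }                      # skip comment lines
        $1 == "spdadd" && $2 == src && $3 == dst {
            for (i = 4; i < NF; i++)
                if ($i == "-P" && $(i + 1) == dir) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# $1 = racoon log line, $2 = path to setkey.conf. Prints one verdict.
triage() {
    parsed=$(parse_no_policy "$1")
    [ -n "$parsed" ] || { echo "not-a-policy-error"; return 0; }
    set -- $parsed "$2"                  # now: src dst dir conf
    if conf_has_policy "$1" "$2" "$3" < "$4"; then
        echo "defined-but-not-loaded"    # in the file, absent from the kernel SPD
    else
        echo "missing-from-file"         # no spdadd for this pair and direction
    fi
}

# Constructed sample; 192.0.2.1 and 198.51.100.1 are placeholder endpoints.
conf=$(mktemp)
cat > "$conf" <<'EOF'
flush;
spdflush;
spdadd 10.134.0.0/16 192.168.254.0/24 any -P out ipsec esp/tunnel/192.0.2.1-198.51.100.1/require;
spdadd 192.168.254.0/24 10.134.0.0/16 any -P in ipsec esp/tunnel/198.51.100.1-192.0.2.1/require;
EOF
triage 'ERROR: no policy found: 192.168.254.0/24[0] 10.134.0.0/16[0] proto=any dir=in' "$conf"
rm -f "$conf"
```

A "defined-but-not-loaded" verdict is the case in the report, fixed there by running setkey with -f on the file; `setkey -DP` dumps the kernel's policy database to confirm the entries are present afterwards.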