From owner-freebsd-questions Tue Feb 20 5:49:51 2001 Delivered-To: freebsd-questions@freebsd.org Received: from fusion.za.vardus.net (fusion.za.vardus.net [196.36.181.67]) by hub.freebsd.org (Postfix) with ESMTP id 68BCB37B401 for ; Tue, 20 Feb 2001 05:49:42 -0800 (PST) (envelope-from chrisk@vardus.net) Received: from host-100.za.vardus.net ([10.0.2.100] helo=savage) by fusion.za.vardus.net with smtp (Exim 3.16 #1) id 14VDAg-000485-00 for freebsd-questions@freebsd.org; Tue, 20 Feb 2001 15:49:38 +0200 Message-ID: <03a201c09b43$f7fc8710$6402000a@VARDUSZA.com> Reply-To: "Chris Knipe" From: "Chris Knipe" To: Subject: ipsecd Date: Tue, 20 Feb 2001 15:49:39 +0200 Organization: Vardus Internet Solutions MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi all, I'm having a major issue with ipsec the last two / three weeks... I'm running out of ideas here, and any help will be much appreciated... There's basically two scenarios, each one failing... The first of which, I compile ipsec support into the kernel (FreeBSD 4.2-STABLE) su-2.03# setkey -F su-2.03# But... su-2.03# /usr/local/sbin/pipsecd socket(SOCK_RAW): Protocol not supported su-2.03# If I remove ipsec support from the kernel, the exact opposite happens... setkey -F complains about protocol not supported, while pipsec its sweet and runs... I am right to assume that I need both ipsec and setkey to function properly for encrypted VPN configurations, but alas, two weeks, 24 kernel builds, and still no avail... Here's what's in my kernel config options INET #InterNETworking options IPSEC #IP security options IPSEC_ESP #IP security (crypto; define w/ IPSEC) options IPSEC_DEBUG #debug for IP security options TCP_COMPAT_42 #emulate 4.2BSD TCP bugs options MROUTING # Multicast routing The rest isn't really relevant? Regards, Chris Knipe Technical Administrator Vardus (Pty) Ltd Cape Town - South Africa Tel: (+27) 21 670 9880 Fax: (+27) 21 674 4549 Cell: (+27) 83 430 8151 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message