From owner-freebsd-security Mon Sep 25 16: 1:28 2000 Delivered-To: freebsd-security@freebsd.org Received: from lynx.aba.net.au (lynx.esec.com.au [203.21.84.1]) by hub.freebsd.org (Postfix) with SMTP id 2CD4237B43C for ; Mon, 25 Sep 2000 16:01:16 -0700 (PDT) Received: (qmail 29131 invoked from network); 25 Sep 2000 23:01:12 -0000 Received: from swun.esec.com.au (HELO eSec.com.au) (203.21.85.207) by lynx.esec.com.au with SMTP; 25 Sep 2000 23:01:12 -0000 Message-ID: <39CFDB60.A69A3F49@eSec.com.au> Date: Tue, 26 Sep 2000 10:10:24 +1100 From: Sam Wun Organization: eSec X-Mailer: Mozilla 4.74 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 Cc: "'freebsd-security@freebsd.org'" Subject: IPsec block my ssh remote login. References: <00BF97DD9F3FD311AB860060084E50DD311C71@exchange.xpert.com> <20000925143807.A401@hal9000.bsdonline.org> Content-Type: text/plain; charset=gb2312 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I have just configured my 4.1 kernel with IPSEC enabled. After executed setkey, it blocks all my network traffic accessing between my client and server machines. I can't even use ssh remote login. Then I used Tcpdump to listen on one of the NIC which is dedicated for the network connection between my client and server machine. I can see ESP packet going thru when I am runniing ssh logging in to my client machine, but ssh seems waiting forever for the reply from my client machine. How can I get some sort of packet go thru with IPSEC protected? Thanks Sam. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message