Date:      Wed, 3 Nov 2004 18:47:46 +0000
From:      Lewis Thompson <lewiz@fajita.org>
To:        FreeBSD-questions <questions@freebsd.org>
Subject:   Re: IPSEC (5.3-RC2) -- IKE traffic problem.
Message-ID:  <20041103184746.GB81256@fajita.org>
In-Reply-To: <20041102193347.GA67384@fajita.org>
References:  <20041102193347.GA67384@fajita.org>

On Tue, Nov 02, 2004 at 07:33:47PM +0000, Lewis Thompson wrote:
> I'm attempting to get an encrypted tunnel going between two machines.
> Before I start pasting away my configs, tcpdump logs, racoon logs, etc.
> I would like to ask the following question:
>
> I've read that 5.2.1 had broken IPSEC, such that IKE traffic (port 500)
> was not bypassed (or something along those lines).  A full thread can be
> found at
> http://groups.google.com/groups?hl=en&lr=&threadm=257C203C-8104-11D8-9902-00039303AB38_mac.com%40ns.sol.net&rnum=10&prev=/groups%3Fq%3Dan%2520acceptable%2520proposal%2520found%26hl%3Den%26lr%3D%26sa%3DN%26tab%3Dwg
>
>   Does anybody know if this has now been resolved in 5.3RC2?  Do I need
> to start doing special things to make IPSEC work?  Or am I just a
> bonehead who has screwed his config up somehow?

It turns out I'd made the simplest of mistakes:  the permissions on
psk.txt were wrong!  IPsec works fine on 5.3RC2.

  racoon only warned me about the permissions when I started it in the
foreground (either that or I managed to overlook it in the debug log
over and over again -- it wouldn't surprise me).

-lewiz.

-- 
I was so much older then, I'm younger than that now.  --Bob Dylan, 1964.
------------------------------------------------------------------------
-| msn:lewiz@fajita.org | jabber:lewiz@jabber.org | url:www.lewiz.org |-
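
Added example (not part of the original message, and not racoon's own code): a pre-flight check for the psk.txt permission mistake described above. It assumes racoon wants the key file to be a regular file, owned by the user racoon runs as (uid 0 by default here), with no group or other permission bits set; check_psk is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: pre-flight check for a racoon pre-shared key file.
# Assumption: racoon rejects the file unless it is a regular file, owned by
# the uid racoon runs as, with no group/other permission bits set.

# check_psk FILE [OWNER_UID]   (OWNER_UID defaults to 0, i.e. root)
# Prints one line per problem on stderr; returns 0 if the file passes.
check_psk() {
    psk=$1
    want_uid=${2:-0}
    rc=0

    if [ ! -f "$psk" ]; then
        echo "$psk: missing or not a regular file" >&2
        return 1
    fi

    # "ls -ldn" has the same leading fields on FreeBSD and Linux:
    #   -rw-------  1 0  0  42 Nov  3 18:47 psk.txt
    # -L follows a symlink, so the target's mode and owner are checked.
    mode=$(ls -ldnL -- "$psk" | awk '{print $1}')
    uid=$(ls -ldnL -- "$psk" | awk '{print $3}')

    # Characters 5-10 of the mode string are the group and other bits.
    go_bits=$(printf '%s' "$mode" | cut -c5-10)
    if [ "$go_bits" != "------" ]; then
        echo "$psk: mode $mode is open to group/other; run: chmod 600 $psk" >&2
        rc=1
    fi

    if [ "$uid" != "$want_uid" ]; then
        echo "$psk: owned by uid $uid, expected uid $want_uid" >&2
        rc=1
    fi

    return $rc
}
```

Call it with the file named by the "path pre_shared_key" directive in racoon.conf before starting racoon, so the problem shows up even when racoon is not run in the foreground.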
