Date: Thu, 26 Jul 2001 16:28:54 +0200 From: Bianca Burgardt <Bianca.Burgardt@icn.siemens.de> To: freebsd-questions@FreeBSD.ORG Subject: IPsec-Porblems! Message-ID: <3B602926.4B618903@icn.siemens.de>
next in thread | raw e-mail | index | archive | help
I've got a PC on which IPsec has to be installed. The PC should just
unpack the packets it received an send it to an other PC.
So, I edit, configure and install the kernel new with following lines:
options IPSEC
options IPSEC_ESP
options IPSEC_DEBUG
This works very well and the system boots with my new kernel.
Then I make the setkey-command in this way:
setkey -c << EOF
spdadd 161.0.0.1 121.0.0.1 any -P out ipsec
esp/tunnel/141.0.5.1-141.0.1.2/require ;
spdadd 121.0.0.1 161.0.0.1 any -P out ipsec
esp/tunnel/141.0.1.2-141.0.5.1/require ;
add 141.0.1.2 141.0.5.1 esp 1000 -m tunnel -E simple ;
add 141.0.5.1 141.0.1.2 esp 1001 -m tunnel -E simple ;
EOF
And it also works. I can check the entries in the SAD- and SPD-tables.
The routes for the routing are also configured and they should work.
Well, my Problem is, that the IPsec doesn't unpack the data-packages. So
the PC isn't possible to send it to the next PC.
Is there anything that I've forgotten to install or configure?
Is there any possibility to debug the processes IPsec dose?
If there is anyone who can help, please write back as soon as possible.
Thank you very much
Bianca
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B602926.4B618903>