Date: Thu, 26 Jul 2001 16:31:51 +0100 (BST) From: =?iso-8859-1?q?Gavin=20Kenny?= <gavinkenny@yahoo.co.uk> To: questions@freebsd.org Subject: IPSec Problems Message-ID: <20010726153151.54356.qmail@web20004.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
sorry foregot the subject line --- Gavin Kenny <gavinkenny@yahoo.co.uk> wrote: > Date: Thu, 26 Jul 2001 16:30:28 +0100 (BST) > From: Gavin Kenny <gavinkenny@yahoo.co.uk> > To: questions@freebsd.org > > Bianco wrote: > > I've got a PC on which IPsec has to be installed. > The > PC should just > unpack the packets it received an send it to an > other > PC. > > So, I edit, configure and install the kernel new > with > following lines: > options IPSEC > options IPSEC_ESP > options IPSEC_DEBUG > This works very well and the system boots with my > new > kernel. > > Then I make the setkey-command in this way: > setkey -c << EOF > spdadd 161.0.0.1 121.0.0.1 any -P out ipsec > esp/tunnel/141.0.5.1-141.0.1.2/require ; > spdadd 121.0.0.1 161.0.0.1 any -P out ipsec > esp/tunnel/141.0.1.2-141.0.5.1/require ; > add 141.0.1.2 141.0.5.1 esp 1000 -m tunnel -E > simple ; > add 141.0.5.1 141.0.1.2 esp 1001 -m tunnel -E > simple ; > EOF > And it also works. I can check the entries in the > SAD- > and SPD-tables. > > The routes for the routing are also configured and > they should work. > > Well, my Problem is, that the IPsec doesn't unpack > the > data-packages. So > the PC isn't possible to send it to the next PC. > Is there anything that I've forgotten to install or > configure? > Is there any possibility to debug the processes > IPsec > dose? > > If there is anyone who can help, please write back > as > soon as possible. > Thank you very much > Bianca > > > I'm having to guess about what machines your IP > numbers represent, but it all looks OK, apart from > your ADD entries. You haven't supplied a > password/passphrase for the algorithm to use. > > i.e. ..... -E simple "password"; > > hope it helps > > Gavin > > ____________________________________________________________ > Do You Yahoo!? > Get your free @yahoo.co.uk address at > http://mail.yahoo.co.uk > or your free @yahoo.ie address at > http://mail.yahoo.ie > ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010726153151.54356.qmail>