Date: Tue, 27 Jun 2006 16:30:17 +1000 From: Michael Vince <mv@thebeastie.org> To: David DeSimone <fox@verio.net> Cc: freebsd-net@freebsd.org Subject: Re: VPN with FAST_IPSEC and ipsec tools Message-ID: <44A0D079.9030407@thebeastie.org> In-Reply-To: <20060626063010.GB25367@verio.net> References: <449228FA.50303@thebeastie.org> <20060616122855.GA29279@uk.tiscali.com> <20060616154306.GA18578@verio.net> <449B5D50.8000700@thebeastie.org> <20060623062221.GA23272@verio.net> <449F52AA.8080504@thebeastie.org> <20060626040939.GA25367@verio.net> <20060626063010.GB25367@verio.net>
next in thread | previous in thread | raw e-mail | index | archive | help
David DeSimone wrote: >- -- >David DeSimone == Network Admin == fox@verio.net > > I got it going! Its working like a dream now. I don't have a for sure reason why it wasn't working but my best guess is it was one that actually boiled down to a silly mistake as you suggested. I feel quite silly as it appears after some testing whats was holding it back was simply failing to reload the ipsec rules properly. Most if not all the time I was doing /etc/rc.d/ipsec restart, when I should of been either using setkey manually or /etc/rc.d/ipsec reload. After looking at the ipsec shell that the restart function doesn't do the equivalent effect as 'reload' Personally I see this as a trap any one could fall into. Big thanks to you, as if you weren't there I probably would of given up earlier and had to replace the gateway with something else altogether. Thanks, Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44A0D079.9030407>