Date: Tue, 20 Feb 2001 11:52:36 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Chris Knipe <chrisk@vardus.net> Cc: freebsd-questions@freebsd.org Subject: Re: ipsecd Message-ID: <20010220115236.D35631@mollari.cthul.hu> In-Reply-To: <03a201c09b43$f7fc8710$6402000a@VARDUSZA.com>; from chrisk@vardus.net on Tue, Feb 20, 2001 at 03:49:39PM %2B0200 References: <03a201c09b43$f7fc8710$6402000a@VARDUSZA.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--tEFtbjk+mNEviIIX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, Feb 20, 2001 at 03:49:39PM +0200, Chris Knipe wrote: > I am right to assume that I need both ipsec and setkey to function properly > for encrypted VPN configurations, but alas, two weeks, 24 kernel builds, and > still no avail... You don't run pipsecd with kernel IPSEC. The latter is supported transparently by the kernel and doesn't need a userland daemon to help with encryption. You can however use the racoon daemon in ports to do automatic negotiation of security associations (the alternative is to manually set them up using setkey(8)). You still need to set up your policy database using setkey(8) when using racoon. Search the mailing list archives (e.g. freebsd-security) for more help on setting up IPSEC. Kris --tEFtbjk+mNEviIIX Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6kssEWry0BWjoQKURAslfAJ41NeZZkE0k5cjTbAHgJee2/qBLigCgiJUU 1vqIw6jGa7FcO51N8vA7ojU= =qIGN -----END PGP SIGNATURE----- --tEFtbjk+mNEviIIX-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010220115236.D35631>