Site Navigation

Date:      Wed, 31 Oct 2001 09:21:17 -0500
From:      Christopher Sean Hilton <chris@vindaloo.com>
To:        freebsd-questions@FreeBSD.ORG
Subject:   IPSEC Help?
Message-ID:  <20011031092117.A774@andale.vindaloo.com>
In-Reply-To: <20011030182555.A2919@dantooine.vindaloo.com>; from chris@vindaloo.com on Tue, Oct 30, 2001 at 06:25:55PM -0500
References:  <20011030182555.A2919@dantooine.vindaloo.com>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

On Tue, Oct 30, 2001 at 06:25:55PM -0500, Christopher Sean Hilton wrote:
> Hi, I'm trying to setup a manually keyed IPSec tunnel between two 
> FreeBSD boxes. No matter how I run setkey I cannot get past this error:
> 
>      Must get supported algorithms list first...
> 
> I stole the configuration from the FreeBSD IPSec HowTo figuring that I would 
> modify it to my needs. Here's an actual run:
> 
> # setkey -dv -c <<EOF
> flush;
> add 10.2.3.4 10.6.7.8 ah-old  1000 -m transport -A keyed-md5 "MYSECRETMYSECRET" ;
> add 10.6.7.8 10.2.3.4 ah  2000 -m transport -A hmac-sha1 "KAMEKAMEKAMEKAMEKAME" ;
> add 10.6.7.8 10.2.3.4 esp 3000 -m transport -E des-cbc "PASSWORD" ;
> EOF
> <1>flush
> <1>;
> cmdarg:
> flush;
> <1>add
> <1> 
> <1>10.2.3.4
> <1> 
> <1>10.6.7.8
> <1> 
> <1>ah-old
> <1>  
> <1>1000
> <1> 
> <1>-m
> <1> 
> <1>transport
> <1> 
> <1>-A
> <1> 
> <1>keyed-md5
> <1> 
> <1>"MYSECRETMYSECRET"
> line 2: Must get supported algorithms list first at [MYSECRETMYSECRET]
> parse failed, line 2.
> 
> Here's the kernel version.
> 
> # uname -a
> FreeBSD dantooine.vindaloo.com 4.3-STABLE FreeBSD 4.3-STABLE #0: Wed Jul 18 
> 08:09:19 EDT 2001     root@hoth.vindaloo.com:/usr/src/sys/compile/DANTOOINE  
> i386
> 
> Chris Hilton                                 chilton-at-vindaloo-dot-com
> ------------------------------------------------------------------------
>                 "All I was doing was trying to get home from work!"
>                                                  -- Rosa Parks

I just changed the subject line on this to see if I could actually get an 
answer.

-- 
Chris Hilton                                 chilton-at-vindaloo-dot-com
------------------------------------------------------------------------
                "All I was doing was trying to get home from work!"
                                                 -- Rosa Parks

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011031092117.A774>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact