From owner-freebsd-mobile Fri Feb 21 11:43:16 2003 Delivered-To: freebsd-mobile@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4AE3937B401; Fri, 21 Feb 2003 11:43:15 -0800 (PST) Received: from kestrel.alerce.com (kestrel.alerce.com [209.182.219.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id 312AD43FBD; Fri, 21 Feb 2003 11:43:14 -0800 (PST) (envelope-from hartzell@rosebud.alerce.com) Received: from rosebud.alerce.com (rosebud.lbl.gov [131.243.193.115]) by kestrel.alerce.com (8.12.4/8.12.4) with ESMTP id h1LJh2k6042652 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK); Fri, 21 Feb 2003 11:43:03 -0800 (PST) (envelope-from hartzell@rosebud.alerce.com) X-Authentication-Warning: kestrel.alerce.com: Host rosebud.lbl.gov [131.243.193.115] claimed to be rosebud.alerce.com Received: from rosebud.alerce.com (rosebud.alerce.com [127.0.0.1]) by rosebud.alerce.com (8.12.7/8.12.7) with ESMTP id h1LJhBfb002347 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Fri, 21 Feb 2003 11:43:12 -0800 (PST) (envelope-from hartzell@rosebud.alerce.com) Received: (from hartzell@localhost) by rosebud.alerce.com (8.12.7/8.12.6/Submit) id h1LJh9eM002344; Fri, 21 Feb 2003 11:43:09 -0800 (PST) From: George Hartzell MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15958.33100.968830.657410@rosebud.alerce.com> Date: Fri, 21 Feb 2003 11:43:08 -0800 To: Stacy Millions Cc: freebsd-questions@FreeBSD.ORG, freebsd-mobile@FreeBSD.ORG Subject: Re: Almost there [was Re: FreeBSD 4.7-REL-p3 and an ... Linksys BEFVP41] In-Reply-To: <3E567927.9080906@millions.ca> References: <15956.23535.146549.735318@rosebud.alerce.com> <15958.26232.847753.176153@rosebud.alerce.com> <3E567927.9080906@millions.ca> X-Mailer: VM 7.07 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid Reply-To: hartzell@kestrel.alerce.com (George Hartzell) Sender: owner-freebsd-mobile@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Stacy Millions writes: > George Hartzell wrote: > > [...] > > I almost have things working! > > > > I've fallen back to a very simple solution, [...] > > > > /usr/sbin/setkey -FP > > /usr/sbin/setkey -F > > > > /usr/sbin/setkey -c << EOF > > spdadd LAPTOP_IP/32 192.168.1.0/24 any -P out ipsec esp/tunnel/LAPTOP_IP-LINKSYS_IP/require; > > spdadd 192.168.1.0/24 LAPTOP_IP/32 any -P out ipsec esp/tunnel/LINKSYS_IP-LAPTOP_IP/require; > > EOF > > That should be > spdadd 192.168.1.0/24 LAPTOP_IP/32 any -P in ipsec ... > > [...] > You need an inbound tunnel and an outbound tunnel. Fixing the policy statement > above, should do it. Stacy wins the prize. I fixed the typo on the second line, changing the "out" to an "in" and things are working swimingly! Thanks! g. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-mobile" in the body of the message