Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 27 Mar 2008 06:50:04 GMT
From:      "Alexander Efimov" <alephis@gmail.com>
To:        freebsd-net@FreeBSD.org
Subject:   Re: kern/122065: [gre] gre over ipsec not working
Message-ID:  <200803270650.m2R6o48b022650@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The following reply was made to PR kern/122065; it has been noted by GNATS.

From: "Alexander Efimov" <alephis@gmail.com>
To: bug-followup@FreeBSD.org, alephis@gmail.com
Cc:  
Subject: Re: kern/122065: [gre] gre over ipsec not working
Date: Thu, 27 Mar 2008 12:17:43 +0600

 ------=_Part_19935_27991802.1206598664906
 Content-Type: text/plain; charset=ISO-8859-1
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline
 
 - policies on Windows
 
 the same to require ipsec on 192.168.250.0/24 both directions
 connection type: all network connectins
 with  "accept usecured communication, but always respond using ipsec" turned
 off
 certificate type of authentication
 
 - confirm with tcpdump that no packets are going out on the real
 interface?
 
 I've got only esp packets, currently can't make tcpdump work with -E
 
 - can you still see the packets on enc0?
 not sure I understand what you mean.
 
 - any possible firewall setups?
 no server and host currently resides in same lan
 
 ------=_Part_19935_27991802.1206598664906
 Content-Type: text/html; charset=ISO-8859-1
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline
 
 - policies on Windows<br><br>the same to require&nbsp;ipsec&nbsp;on&nbsp;<a href="http://192.168.250.0/24">192.168.250.0/24</a>&nbsp;both&nbsp;directions<br>connection type: all&nbsp;network&nbsp;connectins <br>with &nbsp;&quot;accept usecured communication, but always respond using ipsec&quot; turned off <br>
 certificate&nbsp;type&nbsp;of&nbsp;authentication&nbsp;<br><br>- confirm with tcpdump that no packets are going out on the real<br>interface?<br><br>I&#39;ve got only esp packets,&nbsp;currently&nbsp;can&#39;t&nbsp;make&nbsp;tcpdump&nbsp;work&nbsp;with&nbsp;-E&nbsp; <br><br>- can you still see the packets on enc0?<br>
 not sure I understand what you mean.<br><br>- any possible firewall setups?<br>no server and host currently resides&nbsp;in&nbsp;same&nbsp;lan&nbsp; <br>
 
 ------=_Part_19935_27991802.1206598664906--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200803270650.m2R6o48b022650>