From owner-freebsd-current@FreeBSD.ORG  Mon Aug  9 13:25:13 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9AA0616A4D0
	for <current@freebsd.org>; Mon,  9 Aug 2004 13:25:13 +0000 (GMT)
Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C770443D1F
	for <current@freebsd.org>; Mon,  9 Aug 2004 13:25:08 +0000 (GMT)
	(envelope-from bzeeb-lists@lists.zabbadoz.net)
Received: from transport.cksoft.de (localhost [127.0.0.1])
	by transport.cksoft.de (Postfix) with ESMTP
	id 1773C1FF9A6; Mon,  9 Aug 2004 15:25:07 +0200 (CEST)
Received: by transport.cksoft.de (Postfix, from userid 66)
	id 1604B1FF92F; Mon,  9 Aug 2004 15:25:05 +0200 (CEST)
Received: by mail.int.zabbadoz.net (Postfix, from userid 1060)
	id 7A99B15384; Mon,  9 Aug 2004 13:21:00 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.int.zabbadoz.net (Postfix) with ESMTP
	id 77CB015329; Mon,  9 Aug 2004 13:21:01 +0000 (UTC)
Date: Mon, 9 Aug 2004 13:21:01 +0000 (UTC)
From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
X-X-Sender: bz@e0-0.zab2.int.zabbadoz.net
To: Alexander Leidinger <Alexander@Leidinger.net>
In-Reply-To: <20040809150754.13ca108a@Magellan.Leidinger.net>
Message-ID: <Pine.BSF.4.53.0408091314260.1709@e0-0.zab2.int.zabbadoz.net>
References: <200408080622.i786Mnhe017474@www1.pochta.ru>
	<20040808132524.GB1033@mehnert.org><20040809112700.GB659@mehnert.org>
	<20040809150754.13ca108a@Magellan.Leidinger.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de
cc: Hannes Mehnert <hannes@mehnert.org>
cc: FreeBSD current mailing list <current@freebsd.org>
Subject: Re: IPSec + 5.2.current Problem
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Aug 2004 13:25:13 -0000

On Mon, 9 Aug 2004, Alexander Leidinger wrote:

> On Mon, 9 Aug 2004 13:27:00 +0200
> Hannes Mehnert <hannes@mehnert.org> wrote:
>
> > > So you're able to transfer data over the tunnel with IPSEC?
> >
> > Yes, I'm able to transfer packets with IPSEC and IPSEC_ESP (just
> > verified this). But I use FAST_IPSEC because i have a soekris vpn1411
> > (http://www.soekris.com/vpn1401.htm).
> >
> > I also had some problems with IPSEC and IPSEC_ESP, changing require
> > to use in the policies fixed that. With require racoon was not able
> > to initiate phase 1, because all non esp traffic was dropped.

whyever I hadn't seen this posting.

> I think this is a datapoint... I use a "require" policy too. ATM I can't
> test with "use" instead.

but this problem had been fixed months ago for IPSEC.

-- 
Bjoern A. Zeeb				bzeeb at Zabbadoz dot NeT