Date: Sat, 20 Apr 2002 22:12:05 -0700 (PDT) From: Vincent Chen <vctw@yahoo.com> To: freebsd-net@freebsd.org Subject: why prefer old SA in KAME's IPSec? Message-ID: <20020421051205.33101.qmail@web20004.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Dear all, I tried to establish ipsec tunnel between freebsd and several other platforms. Recently, I found that ipsec usually failed after the other machine reboot or crash. It seems that the machine use new SA after re-negotiate but freebsd use old SA. After searching maillist, I found that net.key.prefered_oldsa=0 will solve that problem. But why prefer old one? Thanks, Vincent Chen __________________________________________________ Do You Yahoo!? Yahoo! Games - play chess, backgammon, pool and more http://games.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020421051205.33101.qmail>