Date: Thu, 11 Mar 2004 10:29:51 +0100 (MET)
From: Helge Oldach <helge.oldach@atosorigin.com>
To: nicks@OntheNet.com.au (Nick Slager)
Cc: net@freebsd.org
Subject: Re: IPsec: odd behaviour with policies
Message-ID: <200403110929.KAA27502@galaxy.hbg.de.ao-srv.com>
In-Reply-To: <20040310052556.GA33553@OntheNet.com.au> from Nick Slager at "Mar 10, 2004 6:25:56 am"

Nick Slager:
>I have a newly created VPN between a 4.8 box and a Cisco VPN 3000
>Concentrator.
>
>/etc/ipsec.conf:
>
>flush;
>spdflush;
>spdadd 192.168.1.1/32 1.2.3.4/32 any -P out ipsec
>esp/tunnel/203.1.1.1-203.2.2.2/require;
>spdadd 1.2.3.4/32 192.168.1.1/32 any -P in ipsec
>esp/tunnel/203.2.2.2-203.1.1.1/require;
>
>spdadd 192.168.1.1/32 1.2.3.5/32 any -P out ipsec
>esp/tunnel/203.1.1.1-203.2.2.2/require;
>spdadd 1.2.3.5/32 192.168.1.1/32 any -P in ipsec
>esp/tunnel/203.2.2.2-203.1.1.1/require;

Try using "unique" instead of "require".

(This is my standard answer on the subject. :-))

Helge