Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 16 May 2005 20:56:47 -0400
From:      Mike Tancsa <mike@sentex.net>
To:        Daren Russell <darenr@end-design.co.uk>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: IPSec and Racoon between 5.4 and 4.11
Message-ID:  <23gi81pattnnan1rlv8uc0dva1ken5r8cj@4ax.com>
In-Reply-To: <d6a1fg$pf1$1@sea.gmane.org>
References:  <d6a1fg$pf1$1@sea.gmane.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 16 May 2005 12:51:50 +0100, in sentex.lists.freebsd.questions
you wrote:

>Hi,
>
>Has anybody got 5.4 <-> 4.11 talking in this config, or does anybody
>know of any pitfalls because of kernel changes?

There should not be any issues as I have 90+ RELENG4 boxes deployed
talking to a 5.4 server and a dozen RELENG_5 boxes talking to 2
RELENG_4 servers generally with out issue. The one thing we run into
from time to time is the issue of net.key.prefered_oldsa=3D1 on
=46AST_IPSEC on RELENG_4.  But other than that, it works.  What issues
are you running into ?  Did you enable debug logging in racoon ? What
state do the tunnels get to ? i.e what does setkey -D show ?

	---Mike
--------------------------------------------------------
Mike Tancsa, Sentex communications http://www.sentex.net
Providing Internet Access since 1994
mike@sentex.net, (http://www.tancsa.com)



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?23gi81pattnnan1rlv8uc0dva1ken5r8cj>