Date: Tue, 19 Sep 2000 18:09:44 +0600 From: "Alex E. Zelenin" <zelya@urc.ac.ru> To: <freebsd-questions@freebsd.org> Subject: IPsec, setkey problem Message-ID: <00a501c02232$800b3060$0955e9c1@rnoc.urc.ac.ru>
next in thread | raw e-mail | index | archive | help
Hello ! I tried to implement host-to-host encryption on FreeBSD 4.1 release. So, I set options IPSEC #IP security options IPSEC_ESP #IP security (crypto; define w/ IPSEC) options IPSEC_DEBUG #debug for IP security in kernel configuration file, compiled and installed new kernel. Then I wrote this script: setkey -d -c <<EOF spdadd 10.10.10.2 10.10.10.1 any -P out ipsec esp/transport//require ; add 10.10.10.1 10.10.10.2 esp 9876 -m transport -E simple "mommy000" ; add 10.10.10.2 10.10.10.1 esp 10000 -m transport -E simple "daddy000" ; EOF Of course, I used another IP-addressess, but it doesn't matter. When I tried to run this script, I got: ..... <1>-E <1> <1>simple <1> <1>"mommy000" line 2: Must get supported algorithms list first at [mommy000] parse failed, line 2. I would like to know how could I give to this utility that list? BTW, if I replace option -d with -v or without any options (except -c, of course), I got line 4: syntax error at [E] parse failed, line 4. With best regards, Alexey Zelenin. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00a501c02232$800b3060$0955e9c1>