Date: Sun, 09 Apr 2000 14:05:02 +0200 From: Erwan Arzur <erwan@netvalue.com> To: current@freebsd.org Subject: Success with ESP over IPV4 ? Message-ID: <38F071EE.CB78C94E@netvalue.com>
next in thread | raw e-mail | index | archive | help
Did someone manage to get a ESP tunnel over IPV4 working ?
I try to use the following setkey commands, which constantly fail with
the following message :
"Must get list of supported protocols first."
My problem is how to get this list of supported protocols ?
this config file is inspired from samples in /usr/src/usr.sbin/setkey
... i'm just experimenting, have a very limited knowledge about IPV6,
and the samples
shipped with CURRENT's sources do not work out of the box :-(
all this stuff is done in order to test IPV6/pipsecd interoperability.
Thanks in advance !
--- snip -- snip ---
flush;
add AAA.AAA.AAA.AAA BBB.BBB.BBB.BBB esp 1001
-m any -f zero-pad
-E blowfish-cbc "AAA key" ;
add BBB.BBB.BBB.BBB AAA.AAA.AAA.AAA esp 1001
-m any
-f zero-pad
-E blowfish_cbc "BBB key";
spdflush;
spdadd AAA.AAA.AAA.AAA/32[any] BBB.BBB.BBB.BBB/32[any] any
-P in ipsec esp/transport//use;
spdadd BBB.BBB.BBB.BBB/32[any] AAA.AAA.AAA.AAA/32[any] any
-P out ipsec esp/transport//use;
--
UNIX *IS* user friendly. It's just selective about who its friends are.
--unknown
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38F071EE.CB78C94E>