Re: doubt about IPSEC - Freebsd 7
- From: VANHULLEBUS Yvan <vanhu_bsd@xxxxxxxxxx>
- Date: Sat, 24 Nov 2007 16:08:54 +0100
Hi.
On Sat, Nov 24, 2007 at 03:11:05PM +0100, Giulio Ferro wrote:
I've noticed that in the kernel configuration IPSEC_ESP disappeared
from the options. It says that you just need device crypto and IPSEC.
Does this mean that with crypto and IPSEC I have all I need to treat
ESP like the old IPSEC_ESP option?
IPSEC_ESP was a needed option for KAME's IPSec implementation, which
is no longer in FreeBSD's kernel.
IPSEC now enables FAST_IPSEC stack, which just needs IPSEC and device
crypto.
I'm having some problems right now setting up a vpn to complete phase 2,
(the error is no proposal chosen).
Since ipsec-tools uses the facilities in the kernel, I want to make sure
that the
kernel provides everything racoon needs...
That really sounds like a configuration issue (racoon.conf, or perhaps
your SPD entries), racoon's debug on responder should give you more
informations on the problem.
Yvan.
--
NETASQ
http://www.netasq.com
_______________________________________________
freebsd-hackers@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: doubt about IPSEC - Freebsd 7
- From: Baldur Gislason
- Re: doubt about IPSEC - Freebsd 7
- From: Giulio Ferro
- Re: doubt about IPSEC - Freebsd 7
- References:
- doubt about IPSEC - Freebsd 7
- From: Giulio Ferro
- doubt about IPSEC - Freebsd 7
- Prev by Date: Re: doubt about IPSEC - Freebsd 7
- Next by Date: Re: doubt about IPSEC - Freebsd 7
- Previous by thread: Re: Before & After Under The Giant Lock
- Next by thread: Re: doubt about IPSEC - Freebsd 7
- Index(es):
Relevant Pages
|
|
