spdadd IPSec tunnel with AH+ESP

From: Ernie (ern001_at_gmail.com)
Date: 08/18/05

Next message: Daniel Valencia: "multiple interfaces"

Previous message: John Baldwin: "Re: duplicate read/write locks in net/pfil.c and netinet/ip_fw2.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Thu, 18 Aug 2005 10:40:00 -0600
To: freebsd-net@freebsd.org

I'm trying to setup FreeBSD 5.4 in tunnel mode with AH+ESP, what is
the appropriate spdadd syntax to pass to setkey to set this policy?

Currently I'm trying,

spdadd 192.168.1.60 192.168.1.250 any -P out ipsec
esp/tunnel/192.168.1.60-192.168.1.250/use
ah/tunnel/192.168.1.60-192.168.1.250/use;
spdadd 192.168.1.250 192.168.1.60 any -P in ipsec
esp/tunnel/192.168.1.250-192.168.1.60/use
ah/tunnel/192.168.1.250-192.168.1.60/use;

but cannot get it to interop with vxWorks or Windows XP, but those two
interop just fine, so I'm supposing that my spd policies are setup
incorrectly. Also the same setup works perfectly with both vxWorks and
Windows XP in transport mode. Anyway just want to know what is the
correct way of setting up AH+ESP for spd.

Thanks,
Ernie
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

Next message: Daniel Valencia: "multiple interfaces"

Previous message: John Baldwin: "Re: duplicate read/write locks in net/pfil.c and netinet/ip_fw2.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]