IPSec tunnel setup problems
Damian Gerow
damian at sentex.net
Tue Apr 15 15:37:15 PDT 2003
Thus spake Ruslan Ermilov (ru at freebsd.org) [15/04/03 18:04]:
> > The two psk.txt's are exactly the same, the two /etc/ipsec.conf's are
> > exact mirrors, and the two racoon.conf's are mirrors (with configuration
> > names changed to match directions). It /feels/ like the remote (10.0.2.1)
> > isn't finding the 'remote 10.0.1.1' configuration section that exists in
> > there. I yanked the 'remote anonymous' and 'sainfo anonymous'
> > configurations to help narrow this down.
> >
> > Does anyone have any pointers? Please reply personally, as I'm not
> > subscribed.
> >
> Hmm, on my machines with IPSec tunnels the /etc/ipsec.conf's are
> NOT the exact mirrors; they are mirrors except for the in/out
> keywords.
Yes, sorry, mine are the same way. Two tunnels, two subnets. Each has the
appropriate 'out' rule and the appropriate 'in' rule.
- Damian
More information about the freebsd-net
mailing list