IPsec blues 5.2.1
cpu memhd
cpumemhd at yahoo.com
Thu Sep 2 19:04:56 PDT 2004
I know about the broken IPSEC problem so I have compiled kernel with
FAST_IPSEC. The man pages say:
"In general, the Fast IPsec implementation is intended to be compatible
with the KAME IPsec implementation."
Then, when reading 14.10 VPN over IPsec docs...
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html
It mentions using racoon and modifing ${PREFIX}/etc/racoon/psk.txt. But
this file does not exist. Do I still have to use racoon, how do I get this
working?
Another problem is the handbook example shows rc.conf configuration as:
gifconfig_gif0="A.B.C.D W.X.Y.Z"
ifconfig_gif0="inet 192.168.1.1 192.168.2.1 netmask 0xffffffff"
static_routes="vpn"
route_vpn="192.168.2.0 192.168.2.1 netmask 0xffffff00"
But shouldn't the two gateways be on the same subnet (192.168.1.x)?
Also, I try to run setkey -D but I get an error "pfkey_open: Protocol not
supported". Thanks.
---------------------------------
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
More information about the freebsd-net
mailing list