spdadd IPSec tunnel with AH+ESP

Ernie ern001 at gmail.com
Thu Aug 18 16:40:03 GMT 2005


I'm trying to set up FreeBSD 5.4 in tunnel mode with AH+ESP. What is
the appropriate spdadd syntax to pass to setkey to set this policy?

Currently I'm trying,

spdadd 192.168.1.60 192.168.1.250 any -P out ipsec
esp/tunnel/192.168.1.60-192.168.1.250/use
ah/tunnel/192.168.1.60-192.168.1.250/use;
spdadd 192.168.1.250 192.168.1.60 any -P in ipsec
esp/tunnel/192.168.1.250-192.168.1.60/use
ah/tunnel/192.168.1.250-192.168.1.60/use;

but cannot get it to interop with vxWorks or Windows XP, but those two
interop just fine, so I'm supposing that my spd policies are set up
incorrectly. Also, the same setup works perfectly with both vxWorks and
Windows XP in transport mode. Anyway, I just want to know what the
correct way of setting up AH+ESP for spd is.

Thanks,
Ernie

