IPSec and Racoon between 5.4 and 4.11
Mike Tancsa
mike at sentex.net
Mon May 16 17:56:48 PDT 2005
On Mon, 16 May 2005 12:51:50 +0100, in sentex.lists.freebsd.questions
you wrote:
>Hi,
>
>Has anybody got 5.4 <-> 4.11 talking in this config, or does anybody
>know of any pitfalls because of kernel changes?
There should not be any issues as I have 90+ RELENG4 boxes deployed
talking to a 5.4 server and a dozen RELENG_5 boxes talking to 2
RELENG_4 servers generally with out issue. The one thing we run into
from time to time is the issue of net.key.prefered_oldsa=1 on
FAST_IPSEC on RELENG_4. But other than that, it works. What issues
are you running into ? Did you enable debug logging in racoon ? What
state do the tunnels get to ? i.e what does setkey -D show ?
---Mike
--------------------------------------------------------
Mike Tancsa, Sentex communications http://www.sentex.net
Providing Internet Access since 1994
mike at sentex.net, (http://www.tancsa.com)
More information about the freebsd-questions
mailing list