kern/65474: IPSEC filters outbound ISAKMP traffic and IPSEC
negotiation fails.
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Mon Apr 12 22:00:43 PDT 2004
The following reply was made to PR kern/65474; it has been noted by GNATS.
From: "Bjoern A. Zeeb" <bzeeb-lists at lists.zabbadoz.net>
To: Timothy Ham <tham at nth-order.com>
Cc: freebsd-gnats-submit at FreeBSD.org, freebsd-bugs at FreeBSD.org
Subject: Re: kern/65474: IPSEC filters outbound ISAKMP traffic and IPSEC
negotiation fails.
Date: Tue, 13 Apr 2004 04:49:36 +0000 (UTC)
On Mon, 12 Apr 2004, Timothy Ham wrote:
> >Number: 65474
> >Category: kern
>
> >Fix:
> Un-safe workaround: instead of "require" policy, use "use".
exclude IKE traffic from your policy before your other rules
is a better workaround I think because you can still use /require for
the other rules then.
Please see the end of follwoing thread how to do the above
and in which revisions your problem got fixed by Hajimu Umemoto.
http://lists.freebsd.org/pipermail/freebsd-net/2004-March/003542.html
--
Greetings
Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT
56 69 73 69 74 http://www.zabbadoz.net/
More information about the freebsd-bugs
mailing list