IPSec + 5.2.current Problem

Bjoern A. Zeeb bzeeb-lists at lists.zabbadoz.net
Mon Aug 9 07:30:32 PDT 2004

On Mon, 9 Aug 2004, Alexander Leidinger wrote:

> > which on ? use vs. require ? I think this is just not HEAD.
> In my case it's -current from Jul 18.

and use vs. require does make a difference for you ?

> > your problem: do you really need gif(4) ? if yes - what for ?
> In my case the problem doesn't matter, since using FAST_IPSEC works for
> me. But I think it should be fixed for 5.3.

the MSIZE= should really be fixed I think, yes.

> As you can see in the above mentioned mail, I converted a 4.x system to
> -current. On 4.x I've used gif for a tunnel (as documented in the
> handbook)

I will have to read this. Nether had to use gif(4) with IPsec on the
4.[7-*] machines I co-configered. Perhaps the handbook is just

> between the FreeBSD system and a VPN appliance which isn't
> under my control. Is there another way to setup a tunnel in -current?

only use IPSec w/o gif(4). gif(4) is currently needed for few things
- IPv6 with FAST_IPSEC
- running s.th. like a link bound routing protocol over IPsec (I think)

That's what I can think of at the moment.

but take care - whatever your applicance on the other side does and
how it had worked up to now ...

Bjoern A. Zeeb				bzeeb at Zabbadoz dot NeT

More information about the freebsd-current mailing list