Problem with Racoon/IPSec/Setkey - Routing to/from multiple networks

Jamie Heckford jamie at tridentmicrosystems.co.uk
Tue Nov 18 01:55:44 PST 2003


Helge Oldach wrote:
> Jamie Heckford:
>> /usr/sbin/setkey -c << EOF
>> flush;
>> spdflush;
>> spdadd ${LOCAL_NETWORK} ${STJUST_NETWORK} any -P out ipsec
>> esp/tunnel/${LOCAL_OUTSIDE}-${STJUST_OUTSIDE}/require;
>> spdadd ${STJUST_NETWORK} ${LOCAL_NETWORK} any -P in  ipsec
>> esp/tunnel/${STJUST_OUTSIDE}-${LOCAL_OUTSIDE}/require;
>> spdadd ${ALLNET_1} ${STJUST_NETWORK} any -P out ipsec
>> esp/tunnel/${LOCAL_OUTSIDE}-${STJUST_OUTSIDE}/require;
>> spdadd ${STJUST_NETWORK} ${ALLNET_1} any -P in  ipsec
>> esp/tunnel/${STJUST_OUTSIDE}-${LOCAL_OUTSIDE}/require;
>> spdadd ${LOCAL_NETWORK} ${BENELUX_NETWORK} any -P out ipsec
>> esp/tunnel/${LOCAL_OUTSIDE}-${BENELUX_OUTSIDE}/require;
>> spdadd ${BENELUX_NETWORK} ${LOCAL_NETWORK} any -P in ipsec
>> esp/tunnel/${BENELUX_OUTSIDE}-${LOCAL_OUTSIDE}/require;
>> spdadd ${ALLNET_1} ${BENELUX_NETWORK} any -P out ipsec
>> esp/tunnel/${LOCAL_OUTSIDE}-${BENELUX_OUTSIDE}/require;
>> spdadd ${BENELUX_NETWORK} ${ALLNET_1} any -P in ipsec
>> esp/tunnel/${BENELUX_OUTSIDE}-${LOCAL_OUTSIDE}/require;
>> EOF
> 
> Try using "unique" instead of "require".
> 
> Helge

Thanks a lot Helge, this worked fine :)

What does unique do instead of require..? 

Cheers,

Jamie
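
An added example, not part of the original thread: a lint check for the pattern in the quoted script, where several `spdadd` policies share one tunnel endpoint pair at level `require`. setkey(8) describes `unique` as the same as `require`, except that it additionally lets the policy match a unique outbound SA. The function name `lint_spd` and the sample networks and addresses are constructed for illustration.

```shell
#!/bin/sh
# lint_spd (hypothetical name): reads a setkey script on stdin and prints
# "<src>-<dst> <count>" for every tunnel endpoint pair used by more than
# one spdadd statement at level "require".
lint_spd() {
    awk '
    BEGIN { RS = ";" }                  # setkey statements end with ";"
    {
        gsub(/[ \t\n]+/, " ")           # rejoin statements wrapped across lines
        if ($1 != "spdadd") next
        for (i = 2; i <= NF; i++)
            # ipsec request has the form protocol/mode/src-dst/level
            if (split($i, r, "/") == 4 && r[2] == "tunnel" && r[4] == "require")
                shared[r[3]]++
    }
    END { for (t in shared) if (shared[t] > 1) print t, shared[t] }
    ' | sort
}

# Constructed sample input (documentation address ranges, not from the thread):
# two local networks reach the same remote network through one tunnel.
sample_spd() {
    cat <<'EOF'
flush;
spdflush;
spdadd 10.1.0.0/16 10.2.0.0/16 any -P out ipsec
esp/tunnel/192.0.2.1-198.51.100.1/require;
spdadd 10.2.0.0/16 10.1.0.0/16 any -P in ipsec
esp/tunnel/198.51.100.1-192.0.2.1/require;
spdadd 10.9.0.0/16 10.2.0.0/16 any -P out ipsec
esp/tunnel/192.0.2.1-198.51.100.1/require;
spdadd 10.9.0.0/16 10.3.0.0/16 any -P out ipsec
esp/tunnel/192.0.2.1-203.0.113.1/require;
EOF
}

# Report the shared tunnel in the sample.
sample_spd | lint_spd
```

Feeding the same policies with `require` replaced by `unique` produces no output, since the check only counts `require`-level tunnel requests.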