Re: linux-ipsec: Second major test of Pluto from the 0.8 release

  Yeiks! There is NO IPSEC really configured on the north SG and pluto was quite happy to run and NOTHING bitched about it! No wonder I am having problems.

  The reason things looked good on the east SG was that I have some scripts that set up a hand tunnel to west, but on north there are no happy scritpts so none of the basic ipsec networking got set up.

  I don't know if the answer to this is to force folks to write scripts around pluto that set up the networking (tncfg etc.) or if pluto needs to be extended to deal with this its self (like better for most folks).
  Pluto should notice that packets are going to end up in the clear and bitch about something (clear packets, no ipsec configured or _something_!).

> You are missing a route for that subnet that mirrors the eroute to

  On the missing subnet route I would guess that pluto would put in all the routing entrys needed, if I do it by hand then why bother with IKE (well...).

> These two should have the same broadcast address. (This is now noted

  Who should be setting the broadcast address? When?

  It seems to me that pluto needs some boot time rc scripts to show how to use it, as it does not seem to get a lot of the work done it's self currently.

		||ugh Daniel
		hugh@toad.com

			Systems Testing & Project mis-Management
			The Linux FreeS/WAN Project
			
http://www.xs4all.nl/~freeswan

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.freeswan.org Links 1998-fall 1998-spring 1998-summer 1998-winter 1999-winter announce briefs bugs design freeswan-list hipsec ietf-sectest users users-admin Request more information about Pantek