Hosting Provided By

Re: Behaviour of IPsec when there are two flow-pairs between same gateways?

From: Markus Friedl <markus(at)openbsd.org>
Date: Fri Jan 24 2003 - 04:37:19 EST

i don't see this problem with openbsd 3.2.

however, i'm setting up the flows/SPD with ipsecadm.

e.g.

ipsecadm flow -addr 11.0.0.0/8 192.168.40.0/24 -src 10.0.0.1 -dst 192.168.0.1 -proto esp -out -require
ipsecadm flow -addr 192.168.40.0/24 11.0.0.0/8 -src 10.0.0.1 -dst 192.168.0.1 -proto esp -in -require
ipsecadm flow -addr 12.0.0.0/8 192.168.40.0/24 -src 10.0.0.1 -dst 192.168.0.1 -proto esp -out -require
ipsecadm flow -addr 192.168.40.0/24 12.0.0.0/8 -src 10.0.0.1 -dst 192.168.0.1 -proto esp -in -require

isakmpd is just used for negotiation the SAs.

all you need for authentication is

/etc/isakmpd/private/local.key
/etc/isakmpd/pubkeys/ipv4/192.168.0.1

-markus Received on Fri Jan 24 04:39:17 2003

Do you need help?

This message: [ Message body ]
Next message: Josef El-Rayes: "Re: Technical Differences of *BSD and Linux"
Previous message: michael dazer: "Re: Lifebook doesn't power off"
In reply to: Christopher Biggs: "Re: Behaviour of IPsec when there are two flow-pairs between same gateways?"
Next in thread: Christopher Biggs: "Re: Behaviour of IPsec when there are two flow-pairs between same gateways?"
Reply: Christopher Biggs: "Re: Behaviour of IPsec when there are two flow-pairs between same gateways?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:48:29 EDT