Hi, >>>>> On Tue, 30 Mar 2004 12:33:08 +0000 (UTC) >>>>> "Bjoern A. Zeeb" <[EMAIL PROTECTED]> said:
bzeeb> What I had to do had been "excluding IKE traffic" by doing s.th. bzeeb> like this (router side config): bzeeb> spdadd ROUTER[500] NOTEBOOK[500] udp bzeeb> -P out none ; bzeeb> spdadd NOTEBOOK[500] ROUTER[500] udp bzeeb> -P in none ; bzeeb> This for sure is not the most nifty way to do but it works. The per socket security policy is broken under 5.2.1-RELEASE, and it was fixed in 5-CURRENT. Racoon uses it to exclude IKE packets from target of IPsec. So, the bzeeb's way should work for workaround. Sincerely, -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan [EMAIL PROTECTED] [EMAIL PROTECTED],jp.}FreeBSD.org http://www.imasy.org/~ume/ _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
