Hi Bhasker, This document will help you: http://www.ipsec-howto.org/ipsec-howto.pdf *It has sample configs for racoon.
*Thanks & Regards, Raj On Thu, Aug 27, 2009 at 6:53 PM, Bhaskar Dutta <bhas...@gmail.com> wrote: > On Thu, Aug 27, 2009 at 5:43 PM, Tero Kivinen <kivi...@iki.fi> wrote: > > > > Bhaskar Dutta writes: > > > Does any IPSec implementation support RFC 3554 (On the Use of Stream > Control > > > Transmission Protocol (SCTP) with IPsec)? > > > > Yes. Altough I do not know if it has been really tested (mostly just > > using sctp_test and single pair of ip-addresses). > > > > > I am working on SCTP over IPSec (linux 2.6.27) and in case of > multihoming > > > unless > > > RFC 3554 is supported I will need to configure 2 * n * m Security > > > Associations. > > > > With IKEv2 you should just create one SA having multiple source and > > destination addresses. Then if more addresses are later added you need > > to create new SA with all of the addresses (or just new addresses). > > -- > > kivi...@iki.fi > > Thanks a lot! > > I looked up for examples on setting up sainfo entries in racoon's > remote.conf with > multiple source/destination addresses but the man pages or searching the > web > did not lead to anything. Couldnt even find any examples with multiple > entries in sainfo. > > Do you have any idea on how to write the sainfo entries in remote.conf > and spdadd entries > in setkey.conf that will work with multiple source/dest addresses? > > I did write to the ipsec-tools-users list but no luck yet. > > Thanks, > Bhaskar > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec >
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
