I have a couple of questions regarding iked use that I couldn't find in the
docs:

Is it capable of use for host-to-host tunnels or just net-to-net?


In my case I’m trying to do a simple tunnel between hosts for spamd synching
and a few other misc things. Running OpenBSD 5.9.

PF rules:
set skip on enc0
pass in on egress proto udp from $ipsec_peer to any port {500, 4500}

Host A
/etc/iked.conf:

remote_gw = "x.x.x.x"
ikev2 active esp from any to any \
 local y.y.y.y peer $remote_gw \
 srcid y.y.y.y

Host B
/etc/iked.conf

remote_gw = "y.y.y.y"
ikev2 esp from any to any \
 local x.x.x.x peer $remote_gw \
 srcid x.x.x.x

I've tried a few variations and never get any flows in the ipsecctl -sa
output.

What am I missing?

Thanks!
Scott
