Re: IPsec: problems after upgrade 4.8 to 4.9

Holger Eitzenberger: > (*) ERROR: ipsec_doi.c:440:print_ph1mismatched(): rejected dh_group: >DB(prop#1:trns#1):Peer(prop#0:trns#0) = 1024-bit MODP group:1536-bit MODP >group >proposal { >encryption_algorithm 3des; >hash_algorithm md5; >authenticati

Re: NAT

You need to compile a custom kernel with as a minimum options IPFIREWALL # puts ipfw statically into kernel options IPDIVERT # see divert Disable - this will enable it which is required for divert rule and natd You may also want this options options IPFIREWALL_FORWARD #en

Re: IPsec: problems after upgrade 4.8 to 4.9

> On Fri, 19 Mar 2004 23:06:38 +0100, > "Holger Eitzenberger" <[EMAIL PROTECTED]> said: > I was sucessfully running FBSD 4.8 with X509 certicate VPN. > After installation of FBSD 4.9 I get the following error messages: > isakmp.c:899:isakmp_ph1begin_r(): begin Identity Protection m

Re: Problem in Netgraph ( TESTING OF MY NODE )

On Sun, 21 Mar 2004, Julian Elischer wrote: > > > On Sun, 21 Mar 2004, [iso-8859-1] manish gautam wrote: > > > Ist problem > > = > > > > i hav created my own node named "m" .and using > > commands > > > > kldload netgraph > > kldload ng_ether > > kldload ng_m > > > > i also cre

dhclient problem.. im desperate

there is attached a log containg described details of my problem.. ive been trying to solve this problem for about a week.. help!well I just installed freeBSD on my home, (5.2.1), and everything goes ok, BUT, i cant get dhcp, working... on sysinstall, if I try to make my dhcp to be discovered, it

Re: Problem in Netgraph ( TESTING OF MY NODE )

On Sun, 21 Mar 2004, [iso-8859-1] manish gautam wrote: > Ist problem > = > > i hav created my own node named "m" .and using > commands > > kldload netgraph > kldload ng_ether > kldload ng_m > > i also create an ether node and then i attach my "m" > node to ether node using > > n

Re: Problem in Netgraph ( TESTING OF MY NODE )

On Sun, Mar 21, 2004 at 06:34:35PM +, manish gautam wrote: > How can I install ethereal on my machine using above > said packages,? do i need more packages ? i have nothing to say regarding netgraph, but... tethereal is the package with just tethereal, ethereal has both tethereal and ethereal

Problem in Netgraph ( TESTING OF MY NODE )

Ist problem = i hav created my own node named "m" .and using commands kldload netgraph kldload ng_ether kldload ng_m i also create an ether node and then i attach my "m" node to ether node using ngctl mkpeer ed0: m upper right after that on command ::--> ngctl msg my_m: getstats

NAT

Hi ! I want to connect my win to my freebsd. But the nat is not working. How I check if my kernel have ipfw ? Now, when I start the pc I get something "IP packet filtering enable, divert Disable, IP forwarding enable" .. What this means ?? Is it working ?? Regards Alan ___

IPSec and setsockopt MULTICAST_IF interaction

Hi Team, I want to use IPsec engine with AH Security Association and SPD on multicast destination adress. When I comment the setsockopt MULTICAST_IF option, all work fine and destination packets to the multicast adress have AH added before IP Header. But when I use the setsockopt MULTICAST_IF,