Re: IPsec: question on the sysctl preferred_oldsa

2015-09-28 Thread Emeric POUPON
l - From: "Emeric POUPON" To: "FreeBSD Net" Sent: Monday 17 August 2015 10:07:45 Subject: IPsec: question on the sysctl preferred_oldsa Hello, I have some questions about the sysctl "net.key.preferred_oldsa": https://svnweb.freebsd.org/base/head/sys/netipse

IPsec: question on the sysctl preferred_oldsa

2015-08-17 Thread Emeric POUPON
Hello, I have some questions about the sysctl "net.key.preferred_oldsa": https://svnweb.freebsd.org/base/head/sys/netipsec/key.c?view=markup#l971 When I set the net.key.preferred_oldsa to 0 (similar to Linux's behavior, according to what I have read so far): - why does the kernel delete itself t

Re: Odd NAT/IPSEC question -- help! :-)

2013-04-21 Thread Karl Denninger
On 4/20/2013 11:01 PM, Karl Denninger wrote: > On 4/20/2013 9:36 PM, Karl Denninger wrote: >> I don't think so -- gre is not involved in the config. >> >> On 4/20/2013 7:59 PM, Steven Hartland wrote: >>> - Original Message - From: "Karl Denninger" >>> ... My "ordinary" NAT entry is s

Re: Odd NAT/IPSEC question -- help! :-)

2013-04-20 Thread Karl Denninger
On 4/20/2013 9:36 PM, Karl Denninger wrote: > I don't think so -- gre is not involved in the config. > > On 4/20/2013 7:59 PM, Steven Hartland wrote: >> - Original Message - From: "Karl Denninger" >> ... >>> My "ordinary" NAT entry is simply "nat 1 ip from any to any via em1", >>> which wo

Re: Odd NAT/IPSEC question -- help! :-)

2013-04-20 Thread Sami Halabi
Be sure default gateway is properly configured on the client not only the tunnel Sami On Apr 21, 2013 6:42 AM, "Karl Denninger" wrote: > I don't think so -- gre is not involved in the config. > > On 4/20/2013 7:59 PM, Steven Hartland wrote: > > - Original Message - From: "Karl Denninger"

Re: Odd NAT/IPSEC question -- help! :-)

2013-04-20 Thread Karl Denninger
I don't think so -- gre is not involved in the config. On 4/20/2013 7:59 PM, Steven Hartland wrote: > - Original Message - From: "Karl Denninger" > ... >> My "ordinary" NAT entry is simply "nat 1 ip from any to any via em1", >> which works fine for ordinary "on the client" traffic; no pro

Re: Odd NAT/IPSEC question -- help! :-)

2013-04-20 Thread Steven Hartland
- Original Message - From: "Karl Denninger" ... My "ordinary" NAT entry is simply "nat 1 ip from any to any via em1", which works fine for ordinary "on the client" traffic; no problems with that. ... Just a stab in the dark, as I vaguely remember something similar, do you also need to

Odd NAT/IPSEC question -- help! :-)

2013-04-20 Thread Karl Denninger
Here's the situation. I have a FreeBSD-Stable 9.1 system that has been running through the various versions of FreeBSD for the last several years. It uses ipfw and NAT to protect and serve PC clients along with other devices inside, and has an outside connection as well. The topology looks like

Re: vpn over ipsec question

2004-05-24 Thread JINMEI Tatuya / 神明達哉
> On Mon, 24 May 2004 09:22:08 +0700, > Muhammad Reza <[EMAIL PROTECTED]> said: > I try to configure vpn over ipsec between two FreeBSD (4.10PRERELEASE > and 5.1.p17) gateways. > My guidelines are from FreeBSD handbook, > Tunnelling is working fine with gifconfig command, I can ping each inter

vpn over ipsec question

2004-05-23 Thread Muhammad Reza
Dear List. I try to configure vpn over ipsec between two FreeBSD (4.10PRERELEASE and 5.1.p17) gateways. My guidelines are from FreeBSD handbook, Tunnelling is working fine with gifconfig command, I can ping each internal interface from both side gateway. The problem is when I try to secure the link w

Re: IPSEC question..

2001-09-21 Thread Brian Somers
> > Once you've got the gif tunnel working, say with top addresses > > 10.0.0.1 and 10.0.0.2 and tunnel addresses 1.2.3.4 and 5.6.7.8, > > create an /etc/ipsec.conf that says: > > > which are the 'top' addresses? outer or inner? > i.e. > >(A)gif0:---(B)ed0-ed0(C)g

Re: IPSEC question..

2001-09-21 Thread Julian Elischer
On Fri, 21 Sep 2001, Brian Somers wrote: > > The sample docs and the daemon-news > > article get me part way started to making an encrypted > > tunnel using IPsec4 between two networks. > > However they are really quite confusing... > > > > Is there a SIMPLE description of what all the parts do

Re: IPSEC question..

2001-09-21 Thread Brian Somers
> Le (On) Fri, Sep 21, 2001 at 09:47:03AM +0100, Brian Somers ecrivit (wrote): > > > > spdadd 1.2.3.4/32 5.6.7.8/32 ip4 -P in ipsec esp/transport//require; > > spdadd 5.6.7.8/32 1.2.3.4/32 ip4 -P out ipsec esp/transport//require; > > > > This is your setkey input. The ``ip4'' bit tells ipse

Re: IPSEC question..

2001-09-21 Thread Sameh Ghane
Le (On) Fri, Sep 21, 2001 at 09:47:03AM +0100, Brian Somers ecrivit (wrote): > > spdadd 1.2.3.4/32 5.6.7.8/32 ip4 -P in ipsec esp/transport//require; > spdadd 5.6.7.8/32 1.2.3.4/32 ip4 -P out ipsec esp/transport//require; > > This is your setkey input. The ``ip4'' bit tells ipsec to only to

Re: IPSEC question..

2001-09-21 Thread Brian Somers
> The sample docs and the daemon-news > article get me part way started to making an encrypted > tunnel using IPsec4 between two networks. > However they are really quite confusing... > > Is there a SIMPLE description of what all the parts do? > > I have a gif tunnel going, but it's not clear to

Re: IPSEC question..

2001-09-21 Thread Sameh Ghane
Le (On) Thu, Sep 20, 2001 at 11:33:35PM -0700, Julian Elischer ecrivit (wrote): > The sample docs and the daemon-news > article get me part way started to making an encrypted > tunnel using IPsec4 between two networks. > However they are really quite confusing... > > Is there a SIMPLE description

IPSEC question..

2001-09-20 Thread Julian Elischer
The sample docs and the daemon-news article get me part way started to making an encrypted tunnel using IPsec4 between two networks. However they are really quite confusing... Is there a SIMPLE description of what all the parts do? I have a gif tunnel going, but it's not clear to me how I make th

IPSec Question

2001-08-05 Thread Travis Leuthauser
I'm trying to set up a tunnel between a FreeBSD 4.4 Prerelease box and a Netopia R9100 dual ethernet router. Here's my current setup. FreeBSD box is doing nat for my private nat and is running IPFW allowing only desired ports in. Private IP = 172.16.69.1 Public IP = a.a.a.a Netopia R9100 Public