Re: Duplicate SAD entries lead to ESP tunnel malfunction

2006-01-30 Thread Phil Regnauld
Oleg Tarasov (subscriber) writes:
> > net.key.preferred_oldsa=0
>
> I suggest to change the default value of this one to 0 in FreeBSD
> distribution.
This has been suggested for about 5 years now...
Phil

Re: Duplicate SAD entries lead to ESP tunnel malfunction

2006-01-30 Thread Oleg Tarasov
Hello,
Julian Elischer <[EMAIL PROTECTED]> wrote:
> let us know if that solves your problem..
> remember you don't need to reboot to set it..
> the result should be instantaneous.
net.key.preferred_oldsa=0 really helped in this situation. Both tunnels from now on work perfectly in spite of conn

Re: Duplicate SAD entries lead to ESP tunnel malfunction

2006-01-27 Thread Julian Elischer
Oleg Tarasov wrote:
> Hello,
> VANHULLEBUS Yvan <[EMAIL PROTECTED]> wrote:
> > net.key.prefered_oldsa, or net.key.preferred_oldsa (changed since 4.X).
> > It is 1 by default, and it should be set to 0 to help better
> > interoperability with lots of peers.
> This seems quite like corre

Re: Duplicate SAD entries lead to ESP tunnel malfunction

2006-01-27 Thread Oleg Tarasov
Hello,
VANHULLEBUS Yvan <[EMAIL PROTECTED]> wrote:
> net.key.prefered_oldsa, or net.key.preferred_oldsa (changed since
> 4.X).
> It is 1 by default, and it should be set to 0 to help better
> interoperability with lots of peers.
This seems quite like correct solution. I analyzed behavior of

Re: Duplicate SAD entries lead to ESP tunnel malfunction

2006-01-27 Thread VANHULLEBUS Yvan
On Thu, Jan 26, 2006 at 11:51:36AM -0800, Julian Elischer wrote:
> Oleg Tarasov wrote:
> There is a sysctl that can help this behaviour but I forget which
>
> something to do with ipsec and oldSAD or newSAD or something..
net.key.prefered_oldsa, or net.key.preferred_oldsa (changed since 4.X). I

Re: Duplicate SAD entries lead to ESP tunnel malfunction

2006-01-26 Thread Julian Elischer
Oleg Tarasov wrote:
> Hello,
> I run FreeBSD 6.0 and installed latest ported version of ipsec-tools. I had to create two IPSEC tunnels to two different hosts. On one host runs FreeBSD too, on another host is located hardware router DI-804HV (D-Link). That router is supposed to support IPSEC tunnel