> 8 outbound packets with no SA available
> Both boxes are running RELENG_4_3 (security release), and have 'options
> IPSEC' and 'options IPSEC_ESP' in the kernel.
>
> Box A is 192.168.0.2/24, Box B is 192.168.0.3/24.
>
> Here's what I'm doing on box A:
>
> gabby# setkey -c << EOF
> ad
[EMAIL PROTECTED] wrote:
> you can create a similar packet by using IPsec transport mode against
> gif-encapsulated packet, however, it does not look exactly the same.
> if the other end is picky about packet format, they may drop it
> because it does not conform to
On Wed, Feb 21, 2001 at 10:00:09AM +1100, Stephen Cimarelli wrote:
> * Most users seem to use gif devices to setup the tunnels instead of IPsec
> tunnels, Why?
gif is the name of the device used to implement tunneling.
> What ports/protocols do I need to allow through a firewall to allow gif an
>> * Most users seem to use gif devices to setup the tunnels instead of IPsec
>> tunnels, Why?
>gif is the name of the device used to implement tunneling.
>> What ports/protocols do I need to allow through a firewall to allow gif and
>> IPsec to work?
>gif isn't a protocol, it's an interface name
