Eric Masson:
>> "Michael" == Michael Sierchio <[EMAIL PROTECTED]> writes:
>
> Michael> You should allow for an IP header with options and the ESP
> Michael> header, which is smaller than 1450. For SKIP I use 1366 as the
> Michael> advertised MTU, and for IPsec usually 1436, unless I need to
> M
> "Helge" == Helge Oldach <[EMAIL PROTECTED]> writes:
Hello Helge,
Helge> Actually this is the case.
I'd like...
Helge> Or better, it *should* be happening -
Helge> I don't know if you see the ICMPs or not.
Nope no "message too long" icmp packet returned to originator (nothing
in tcpdum
So, what would be a suitable MTU value for an ESP encrypted packet using
Blowfish?
Thanks
- Original Message -
From: "Helge Oldach" <[EMAIL PROTECTED]>
To: "Eric Masson" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, October 29, 2003 9:04 AM
Subject: Re: ipsec tunnels & pac
Hi everyone,
I know it is kind an off-topic question but maybe another network admin
have already faced the following:
client--[__ipsec__]--gw--[__ip__]--internet
I, trying to secure a wireless link, want to have my clients using
ipsec on the segment between the gateway gw and the
Eric Masson wrote:
If i reduce lan interface mtu on "Host" to approximately 1450, the
tunnel works fine, so it seems that "Tunnel Endpoint" can't process
correctly packets with a size of 1500 bytes.
If more information regarding this issue is needed, just ask.
Is this a known issue ?
Except playin
I'm not sure if my guess is correct. But instead of using windows over
ipsec, i would use 2 FreeBSD boxes.
eg,
Client Host -- [ipsec on bsd] -- (( wirless )) -- [ipsec on bsd to
decrypt] -- (( internet ))
Not sure if that's what you're trying to do, was a little hard to
understand.
If that i
Hi all.
I am having troubles understanding and implementing an IPv6 network
either there is something wrong with my understanding, or there is something
wrong with my implementation/brain...
here is my understanding of what is IPv6 under freebsd.
in /etc/rc.conf
ipv6_enabled="yes" turns IPv6 o
