Re: IPv6 IPsec tunnel configuration

2007-07-26 Thread Eric F Crist
On Jul 26, 2007, at 8:11 PM, blue wrote: Dear all: I want to set up the gif tunnel for IPv6 IPsec as the FreeBSD Handbook http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html "VPN over IPsec" suggested for IPv4. However, I could not configure the local IP addre

IPv6 IPsec tunnel configuration

2007-07-26 Thread blue
Dear all: I want to set up the gif tunnel for IPv6 IPsec as the FreeBSD Handbook http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html "VPN over IPsec" suggested for IPv4. However, I could not configure the local IP address via "ifconfig gif0 inet6 address>", ifconfig will compl

Re: IPv6 IPsec tunnel configuration

2007-07-26 Thread blue
Dear Eric: Thanks for your reply, but this page explains how to set up a configured tunnel for IPv6 packets over an IPv4 network. I need a gif0 interface whose endpoints are both IPv6 addresses, and the display should be like: gif0: flags=8051 mtu 1280 tunnel inet aa:bb:cc:dd::ee --> ww:xx:yy::z

Re: MPD and fragmentation

2007-07-26 Thread Artyom Viklenko
Mihai Tanasescu wrote: Artyom Viklenko wrote: If you use PF, try to add rule scrub in all fragment reassemble no-df And VERY carefully check your ruleset. Maybe you block icmp in some place and PMTU doesn't work. As a last resort you can add max-mss to scrub rule. may be some value in r

Re: MPD and fragmentation

2007-07-26 Thread Mihai Tanasescu
Artyom Viklenko wrote: Mihai Tanasescu wrote: Hello, With help from another FreeBSD user on this list I was able to set up an MPD pptp server to allow windows machines to connect to it. Unfortunately now I've stumbled upon some strange behaviors. First of all I'm getting icmp losses even i

Re: Attention pf/ipfw users with uid/gid/jail rules (Re: Reminder: NET_NEEDS_GIANT, debug.mpsafenet going away in 7.0)

2007-07-26 Thread Kris Kennaway
On Fri, Jul 20, 2007 at 11:36:50AM -0700, Julian Elischer wrote: > Robert Watson wrote: > > > >On Tue, 17 Jul 2007, Max Laier wrote: > > > >So far I have had 0 (zero) reports of problems since this thread began. > >Could people using uid/gid/jail rules with ipfw or pf on 7.x *please* > >try runni

Re: MPD and fragmentation

2007-07-26 Thread Artyom Viklenko
Artyom Viklenko wrote: I connect to Internet via ADSL/PPPoE which runs to same freebsd router with mpd. MTU is 1496. In pf I have Sorry, MTU is 1492 bytes, sure. :) -- Sincerely yours, Artyom Viklenko. -

Re: SADB_X_SPDFLUSH message handling for latest version of IPsec

2007-07-26 Thread gnn
At Thu, 26 Jul 2007 11:13:53 +0800, blue wrote: > > Hi, all: > > Recently I found the behavior for the command "setkey -FP" is quite > different for the latest version of IPsec (known as FAST_IPSEC before). > Before the command would erase all the existing SP entries; currently the > command would

Re: Ipsec - PF_KEY and set_policy

2007-07-26 Thread George V. Neville-Neil
At Thu, 26 Jul 2007 08:13:02 +0800, blue wrote: > > As far as I know, setkey is used for IPsec SP and SA configuration. > ipsec_set_policy() could transfer a string to "policy request", which is > defined in RFC 2367 PF_KEY. Internally, setkey() will call > ipsec_set_policy() to construct the m