choosing another random number generator

2004-06-10 Thread Holger Eitzenberger
Hi all, using FBSD 4.9 I want to choose another RNG, because I have to following line in the logs when starting IPSec: WARNING: pseudo-random number generator used for IPsec processing Against popular believe[1] the Handbook or the random(4) manpage does not mention how to switch to anot

Re: choosing another random number generator

2004-06-12 Thread Holger Eitzenberger
On Thu, Jun 10, 2004 at 03:39:50PM -0400, Chuck Swiger wrote: > > WARNING: pseudo-random number generator used for IPsec processing > > Consider getting something like: > > http://www.soekris.com/vpn1401.htm > > ...which will provide you with a hardware-based RNG. You'll need to enable >

IPsec: problems after upgrade 4.8 to 4.9

2004-03-19 Thread Holger Eitzenberger
Hi, I was sucessfully running FBSD 4.8 with X509 certicate VPN. After installation of FBSD 4.9 I get the following error messages: isakmp.c:899:isakmp_ph1begin_r(): begin Identity Protection mode. ERROR: ipsec_doi.c:1318:get_transform(): Only a single transform payload is allowed

Re: IPsec: problems after upgrade 4.8 to 4.9

2004-03-26 Thread Holger Eitzenberger
On Mon, Mar 22, 2004 at 08:21:35AM +0100, Helge Oldach wrote: > > (*) ERROR: ipsec_doi.c:440:print_ph1mismatched(): rejected dh_group: > >DB(prop#1:trns#1):Peer(prop#0:trns#0) = 1024-bit MODP group:1536-bit MODP > >group > >dh_group 2; > Try changing the last line to > >