I see the following error in my firewall log:
client limit (100) reached, refusing connection from xx.xxx.x.26 (this
IP is on the firewall interface facing the public)
proxy cannot connect to server xx.xxx.x.48: No route to host
Thanks,
_Motty
Hello all,
I am searching for hardware to build a router with OpenBSD. I have found
mixed signals as to fastest system with i386 or 64bit. I know in the
past i386 OpenBSD used to perform a lot better than 64bit system.
Any suggestions!
Thanks,
Motty
wrote:
Greetings Motty Cruz,
In general, you could achieve performance by configuring your kernel
according to your hardware. You can use dmesg(8) and 'GENERIC' kernel
configuration as a guide for your hardware.
Sometimes i386 will run faster than 64 bit (see
http://www.openbsd.org/
Hello All,
I'm trying to setup IPSec Tunnel using the following parameters.
Phase 1
exchange encryption: AES256
Data Integrity: SHA256
DH: group 20
Agressive Mode
phase 2
encryption: AESGCM256
HASH: SHA384
I can't find examples to configure isakmpd.conf using parameters above.
[fw2-main-mode]
think people running 5.4+ don’t even use it any more.
Br
//mxb
On 16 jan 2015, at 21:22, Motty Cruz wrote:
Hello All,
I'm trying to setup IPSec Tunnel using the following parameters.
Phase 1
exchange encryption: AES256
Data Integrity: SHA256
DH: group 20
Agressive Mode
phase 2
encrypti
ted out of ipsec.conf.
I think people running 5.4+ don’t even use it any more.
Br
//mxb
On 16 jan 2015, at 21:22, Motty Cruz wrote:
Hello All,
I'm trying to setup IPSec Tunnel using the following parameters.
Phase 1
exchange encryption: AES256
Data Integrity: SHA256
DH: group 20
Agress
Hello,
My company is getting another Internet connection, our new ISP ask that
we setup bgp to peer with one of their router to receive updates and
peer to another router to broadcast our routes. ISP gave us the
following setup example:
My questions is how would this setup be done in OpenBSD 5
running the command "route show" does not get the full internet routing
table as I should. However, if I run "bgpctl show rib" I get the full
routing table. Router is routing packets fine, however, I am concern
that something may be wrong.
any explanation as to why this is happening?
# bgpctl
trying to send a community string to our neighbor here is my configuration:
# ISP peer 1 announcements only#
neighbor 19.25.16.13 {
remote-as 7X32
descr "level1"
announce all
set community 7X32:100
tcp md5sig password "passwd2"
}
here is
Hello,
I have a gateway machine OpenBSD 5.5 that won't not initiate connection
to peer. The one way to establish VPN tunnel is if peer ping IP in my
subnet.
in pf.conf
IpsecClients="{ 173.16.2.20/32, 139.19.10.51/32 }"
IpsecHosts="{ 192.16.38.24/27 }"
# IPSec VPN tunnel
pass in on $OUTSIDE
Thank you for your suggestion,
I already have connections to peers using isakmpd, am afraid to bring
those connections down to switch over to ipsec.
On 07/11/2015 05:02 PM, carlos albino garcia grijalba wrote:
> use ipsec.conf the new configuration are simple i have connections
> from cisco pee
configuring ipsec.conf with ipcomp seem to be difficult then I thought.
I enable ipcomp
# sysctl -a | grep ipcomp
net.inet.ipcomp.enable=1
ipcomp is enabled on both gateways. Here is ipsec.conf:
flow ipcomp from 10.10.10.0/24 to 10.10.2.0/24 \
peer 192.168.1.57
ike esp from 10.10.10.0/2
Hello, how to reload configuration without restarting isakmpd?
Thanks,
Thank you all,
I used this command.
ps aux
kill 29309
kill 7908
ps aux
isakmpd -S
sasyncd
Thanks,
On Fri, Jul 25, 2014 at 8:29 AM, Reyk Floeter wrote:
> On Fri, Jul 25, 2014 at 08:17:15AM -0700, motty cruz wrote:
> > Hello, how to reload configuration without restartin
14 matches
Mail list logo
