Hi,
I'm currently trying to configure pfsync including ipsec, since
the machine we will have to configure just has two interfaces
(old sun netra x1) and the pfsync traffic has to be secured.
The configuration is:
(its a very basic config, cause I tried to reduce it to find the problem)
- /etc/hostname.enc0
up
- /etc/hostname.pfsync0
create
syncpeer 192.168.160.2 syncdev enc0
up
- /etc/ipsec.conf
ike esp from 192.168.160.1 to 192.168.160.2 \
psk toortoor
ike esp from 192.168.160.2 to 192.168.160.1 \
psk toortoor
- /etc/rc.conf.local
isakmpd_flags="-K -4"
ipsec=YES
- /etc/pf.conf
set skip on lo
set skip on enc0
set hostid 1
pass log # to establish keep-state
- Kernel
OpenBSD 5.0 (GENERIC) #43: Wed Aug 17 10:10:52 MDT 2011
[email protected]:/usr/src/sys/arch/i386/compile/GENERIC
The ipsec connection works fine, tcp/udp/icmp showed no problems.
But as soon pfsync-traffic shows up at the ipsec connection the systems
(both at the same time) hangs, crashes or panics.
I had to take pics, since I tested the setup in VirtualBox.
panic:
http://sri-dev.de/uploads/obsd/panic-pfsync-esp.png
crash:
http://sri-dev.de/uploads/obsd/panic-pfsync-esp2.png
Any Ideas? Is it a known problem?
If you need more informations about the setup/config, feel
free to ask.
Thanks in advance and
greetz Stefan
