I am trying to set up IPSEC on some minimized systems. Some of them are TX enabled. My first question is what packages are required for IPSEC? Is
system SUNWcryr Solaris Root Crypto sufficient? If not, what else is required? I set up IPSEC using manual keys, self-signed certs, and pre-shared key. Looking at IKE debug output for the certs and pre-shared key, the IKE initialization times out. Nothing passes between the two machines. Is there any other debugging that I can do? I am also using zones. Is there anything there I need to look out for? I am doing everything in the global zone. Some of my machines are T2 processors. I believe I have the onboard accelerator enabled. # elfsign verify -e /platform/sun4v/kernel/drv/sparcv9/n2cp elfsign: verification of /platform/sun4v/kernel/drv/sparcv9/n2cp passed. I know I am not giving much info here. I have googled myself out here. Any pointers to some good howto's on S10? Any help appreciated. Wayne -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2442 bytes Desc: not available URL: <http://mail.opensolaris.org/pipermail/crypto-discuss/attachments/20090325/de0b87cb/attachment.bin>
