I don't know about OpenBSD (haven't looked at it for quite sometime) but here at GTA we're a FreeBSD shop. The KAME IPSec code in FreeBSD works just fine with the GNAT Box IPSec. The GNAT Box implementation is using the ESP tunnel mode, so typically you'll need a BSD box as a gateway with target host systems behind it. Depending on how you have configured your OpenBSD box you should be able to have it (the gateway) also use the tunnel. Perhaps your OpenBSD box is using the transport mode or not hitting the inbound side of the tunnel.
Paul >I refuse to stop flogging this dead horse... ;-) > >Has anybody gotten this to work? I've been dorking with it again in OBSD >3.0, still seem to have the same issues. Both sides appear to be >configured fine, tcpdump on the OBSD box shows ESP traffic coming from the >GB, while the GB shows ESP traffic coming in from the OBSD box, but >packets never get past either gateway. Seems like it's probably a keying >issue. I've tried blowfish and 3des with no luck. I'm going to keep >pounding on it, but I send this note in hopes of someone else having >already done the pounding... > > >Regards, > >Ed Hintz >Network Systems Administrator >Natus Medical, Inc. >[EMAIL PROTECTED] > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >To subscribe to the digest version first unsubscribe, then > e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] -- -------------------------------------------------------------------- Paul Emerson Tel: +1.407.380.0220 x1106 Global Technology Associates, Inc. Fax: +1.407.380.6080 3505 Lake Lynda Drive Mobile: +1.407.310.8563 Suite 109 Email: [EMAIL PROTECTED] Orlando, Florida 32817 USA Web: http://www.gta.com Mobile Email: [EMAIL PROTECTED] --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
