Should I be able to traceroute from one firewall to the other when it's working?
Will I need to add a custom route or will they show up when I finally do have it working?

On 11/20/06, Mathieu Sauve-Frankel <[EMAIL PROTECTED]> wrote:
>
> On Mon, Nov 20, 2006 at 05:25:16PM -0500, Bryan Irvine wrote:
> > more info
> >
> > due to the length I will post on my site to keep everyone's inbox from
> > overflowing.
> >
> > output of isakmpd -d -DA=99
> > http://allyourbasearebelongto.us/isakmpd.txt
>
> isakmpd is dying because you have enabled the use of keynote and there
> is no isakmpd.policy file, look at the last 3 or 4 lines of that log file.
> To run isakmpd without keynote support run isakmpd with -K.
>
> Just to avoid any further confusion, let me describe how you MUST start
> isakmpd if you are using ipsecctl and sasyncd to create a failover pair.
> This is the same order as in /etc/rc
>
> First start isakmpd with the -K and -S flags.
> # isakmpd -KS
>
> Load your ipsec.conf rules
> # ipsecctl -f /etc/ipsec.conf
>
> Start sasyncd
> # sasyncd
>
> --
> Mathieu Sauve-Frankel

