Hi
I'm trying to set up basic IPsec between an OpenBSD-current box and a
Linux box using setkey. Could anyone point out what I'm doing wrong,
please? I'm getting no errors from ipsecctl or setkey; the configs are
below.
Thanks
Tom
ipsec.conf
# Manually keyed ESP (no IKE) between 192.168.114.101 and 192.168.114.140.
# NOTE(review): the key material below has been published in a public post;
# treat it as disclosed and generate fresh keys before using this anywhere.
# The flow rule selects traffic between the two hosts for ESP processing.
flow esp from 192.168.114.101 to 192.168.114.140
# A single esp rule carrying an SPI pair, an authkey pair and an enckey pair,
# i.e. ESP SAs that provide both encryption and integrity in the same header.
# The first value of each pair lines up with the 192.168.114.101 ->
# 192.168.114.140 SAs in the setkey listing (SPI 0xdeadbeef), the second
# with the reverse direction (SPI 0xbeefdead).
# No "auth" keyword is given, so the authentication transform is whatever
# ipsecctl defaults to - confirm in ipsec.conf(5); the 256-bit authkeys are
# consistent with an HMAC-SHA2-256 transform.
# NOTE(review): the setkey listing builds encryption-only ESP SAs plus
# separate AH SAs on the same SPIs. That is a different packet layout from
# ESP with its own authentication, so the two ends may not agree even though
# both configs load without errors.
# NOTE(review): Blowfish is a 64-bit block cipher and manual keying never
# rekeys; prefer a 128-bit block cipher and IKE-negotiated keys outside a
# lab setup.
esp from 192.168.114.101 to 192.168.114.140 spi 0xdeadbeef:0xbeefdead
enc blowfish \
authkey
0x54f79f479a32814347bb768d3e01b2b58e49ce674ec6e2d327b63408c56ef4e8:0x7f48ee352c626cdc2a731b9d90bd63e29db2a9
c683044b70b2f4441521b622d6 \
enckey
0xb341aa065c3850edd6a61e150d6a5fd3:0xf7795f6bdd697a43a4d28dcf1b79062d
ipsec-tools.conf
#!/usr/sbin/setkey -f
# Start from a clean state: flush empties the SA database, spdflush the
# policy database.
flush;
spdflush;
# ESP SAs, one per direction, with encryption only (-E blowfish-cbc). There
# is no -A on these lines, so these SAs carry no integrity check of their own.
# NOTE(review): the ipsec.conf listing defines ESP with both enckey and
# authkey. The matching setkey form is presumably a single "add ... esp"
# line with both -E <key> and -A <key>, and a policy that lists only
# esp/transport//require - confirm against setkey(8).
add 192.168.114.140 192.168.114.101 esp 0xbeefdead -E blowfish-cbc
0xf7795f6bdd697a43a4d28dcf1b79062d;
add 192.168.114.101 192.168.114.140 esp 0xdeadbeef -E blowfish-cbc
0xb341aa065c3850edd6a61e150d6a5fd3;
# Separate AH SAs reusing the ESP SPIs, keyed with the values that
# ipsec.conf lists as authkey.
# NOTE(review): some older Linux kernels are reported to truncate
# hmac-sha256 to 96 bits instead of the 128 bits in RFC 4868; check the
# kernel version if the SAs match but packets still fail verification.
add 192.168.114.140 192.168.114.101 ah 0xbeefdead -A hmac-sha256
0x7f48ee352c626cdc2a731b9d90bd63e29db2a9c683044b70b2f44415
21b622d6;
add 192.168.114.101 192.168.114.140 ah 0xdeadbeef -A hmac-sha256
0x54f79f479a32814347bb768d3e01b2b58e49ce674ec6e2d327b63408
c56ef4e8;
# Policies: all traffic between the two hosts must use ESP and AH in
# transport mode. "out" is 192.168.114.140 -> 192.168.114.101, so this file
# belongs on 192.168.114.140.
# NOTE(review): as listed, the ';' after esp/transport//require ends the
# spdadd statement and leaves the ah/... line outside it; confirm against
# the real file, since this may be a transcription artefact.
# To see which side disagrees, compare "setkey -D" / "setkey -DP" here with
# "ipsecctl -s all" on the OpenBSD host, and check with tcpdump whether the
# packets on the wire are ESP (protocol 50) or AH (protocol 51).
spdadd 192.168.114.140 192.168.114.101 any -P out ipsec
esp/transport//require;
ah/transport//require;
spdadd 192.168.114.101 192.168.114.140 any -P in ipsec
esp/transport//require;
ah/transport//require;