Next month it should be trivial to make that go then ;)


On Dec 12, 2004, at 4:06 PM, Ted Kat. wrote:

When Mike and I set up the Security Policy Database (SPD)
I/we omitted the ah/tunnel/ part. Could be why we got the tunnel
but nothing thru because there was no ip authentication on our end.
I think racoon set up the Security Association Database (SAD) right though.


Should have been like this.


spdadd 192.168.3.0/24 192.168.4.0/24 any -P out ipsec
           esp/tunnel/192.168.0.203-192.168.0.200/require
            ah/tunnel/192.168.0.203-192.168.0.200/require;

spdadd 192.168.4.0/24 192.168.3.0/24 any -P in ipsec
           esp/tunnel/192.168.0.200-192.168.0.203/require
            ah/tunnel/192.168.0.200-192.168.0.203/require;


--- "Ryan T.Patterson" <[EMAIL PROTECTED]> wrote:

Yes, AH was enabled as was ESP.  We were set for DH Group 2, AES, and
MD5 in our last iteration.  No NAT, no NAT traversal or anything
wacky like that...


On Dec 12, 2004, at 12:46 PM, Ted Kat. wrote:

I have been backtracking what we did yesterday and
I think I figured out what happened.

Ryan P.  What was the setup on the BSD box? Was AH enabled?

--
-- Ryan




=====
Ted Katseres
-----------------------------------------
  sclinux.org
  President: Sioux City Linux Users Group
-----------------------------------------





--
-- Ryan
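
An added example, not part of the original thread: a small Python check for the kind of mismatch discussed above, where the SPD entry for one direction lacks a rule (such as ah/tunnel/...) that the other direction carries. The sample policy text is constructed, and the parser assumes IPv4 tunnel endpoints and "-P in|out ipsec" policies only.

```python
import re

# Constructed sample: the out policy carries esp+ah, the in policy lost its ah rule.
SAMPLE = """
spdadd 192.168.3.0/24 192.168.4.0/24 any -P out ipsec
    esp/tunnel/192.168.0.203-192.168.0.200/require
    ah/tunnel/192.168.0.203-192.168.0.200/require;
spdadd 192.168.4.0/24 192.168.3.0/24 any -P in ipsec
    esp/tunnel/192.168.0.200-192.168.0.203/require;
"""

SPD_RE = re.compile(
    r"spdadd\s+(\S+)\s+(\S+)\s+(\S+)\s+-P\s+(in|out)\s+ipsec\s+([^;]+);")

def parse_spd(text):
    """Parse setkey-style spdadd statements into a list of policy dicts."""
    text = re.sub(r"#.*", "", text)  # drop setkey comments
    policies = []
    for src, dst, upper, direction, rules in SPD_RE.findall(text):
        parsed = []
        for rule in rules.split():
            # protocol/mode/src-dst/level; pad so a short rule still unpacks
            proto, mode, ends, level = (rule.split("/") + ["", ""])[:4]
            local, _, remote = ends.partition("-")
            parsed.append((proto, mode, local, remote, level))
        policies.append({"src": src, "dst": dst, "upper": upper,
                         "dir": direction, "rules": parsed})
    return policies

def check_pairs(policies):
    """Report out policies whose mirrored in policy is absent or differs."""
    problems = []
    inbound = {(p["src"], p["dst"], p["upper"]): p
               for p in policies if p["dir"] == "in"}
    for out in (p for p in policies if p["dir"] == "out"):
        label = f"{out['src']} -> {out['dst']}"
        peer = inbound.get((out["dst"], out["src"], out["upper"]))
        if peer is None:
            problems.append(f"{label}: no matching in policy")
            continue
        # Expect the same rule list with the tunnel endpoints swapped.
        want = [(pr, m, r, l, lv) for pr, m, l, r, lv in out["rules"]]
        if peer["rules"] != want:
            missing = sorted({r[0] for r in want} - {r[0] for r in peer["rules"]})
            problems.append(f"{label}: in policy differs, missing {missing}")
    return problems
```

Calling check_pairs(parse_spd(text)) on the contents of a setkey configuration file returns an empty list when every out policy has a mirrored in policy.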
