Re: route based ipsec

2019-05-09 Thread Peter Blok
I have tried certificates in the past, but racoon never worked stable enough. Didn’t crash on me though. I have moved over to Strongswan and never regretted this move. Very stable. Peter > On 8 May 2019, at 03:29, Eugene Grosbein wrote: > > 08.05.2019 3:23, KOT MATPOCKuH wrote: > >> I'm

Re: route based ipsec

2019-05-07 Thread Eugene Grosbein
08.05.2019 3:23, KOT MATPOCKuH wrote: > I'm misunderstand what in my configuration can result core dumps a running > daemon... > I'm attached a sample racoon.conf. Can You check for possible problems? > Also on one host I got a crash in another function: > (gdb) bt > #0 0x0024717f in

Re: route based ipsec

2019-05-07 Thread KOT MATPOCKuH
Hello! вс, 5 мая 2019 г. в 13:50, Andrey V. Elsukov : > > 0.The ipsec-tools port currently does not have a maintainer (C) > portmaster > > ... Does this solution really supported? Or I should switch to use > another > > IKE daemon? > I think it is unmaintained in upstream too. > But why it

Re: route based ipsec

2019-05-05 Thread Andrey V. Elsukov
On 02.05.2019 23:16, KOT MATPOCKuH wrote: > I'm trying to make a full mesh vpn using route based ipsec between four > hosts under FreeBSD 12. > I'm used racoon from security/ipsec-tools (as it recommended in > https://www.freebsd.org/doc/handbook/ipsec.html) > Result looks work,

Re: route based ipsec

2019-05-04 Thread KOT MATPOCKuH
Hello! сб, 4 мая 2019 г. в 21:01, Scott Aitken : > > On 5/2/2019 4:16 PM, KOT MATPOCKuH wrote: > > > 0.The ipsec-tools port currently does not have a maintainer (C) > portmaster > > > ... Does this solution really supported? Or I should switch to use > > > another IKE daemon? > > I've just

Re: route based ipsec

2019-05-04 Thread Scott Aitken
> On 5/2/2019 4:16 PM, KOT MATPOCKuH wrote: > > 0.The ipsec-tools port currently does not have a maintainer (C) portmaster > > ... Does this solution really supported? Or I should switch to use > > another IKE daemon? I've just started using IPSEC between a 12.0-RELEASE box, a 11.2-RELEASE-p9 box

Re: route based ipsec

2019-05-03 Thread Mike Tancsa
On 5/2/2019 4:16 PM, KOT MATPOCKuH wrote: > 0.The ipsec-tools port currently does not have a maintainer (C) portmaster > ... Does this solution really supported? Or I should switch to use another > IKE daemon? Take a look at StrongSwan in the ports for your IKE daemon and google around for

route based ipsec

2019-05-02 Thread KOT MATPOCKuH
Hello! I'm trying to make a full mesh vpn using route based ipsec between four hosts under FreeBSD 12. I'm used racoon from security/ipsec-tools (as it recommended in https://www.freebsd.org/doc/handbook/ipsec.html) Result looks work, but I got some problems: 0.The ipsec-tools port currently does