Fixed in /cvs/src/sys/net/pf.c 1.922
Thanks very much to mikeb@ and bluhm@. There are a few IPsec-DNS
related issues on misc@ that should be gone now.
On Fri, Jul 03, 2015 at 08:39:16AM +0200, Mark Patruck wrote:
Short update. After testing multiple scenarios (iked, isakmpd),
normal ruleset,
Short update. After testing multiple scenarios (iked, isakmpd),
normal ruleset, smallest rulesetit turns out, that if i
remove (if-bound) from every pass on enc0 rule on the REMOTE
machines, everything works.
On Tue, Jun 30, 2015 at 08:26:26AM +0200, Mark Patruck wrote:
Thanks, i've already
Thanks, i've already seen that thread.
I've found out, that if i 'skip on enc0' on the REMOTE machines
everything works fine and though i currently use a very simple
ruleset (no normalization, no default blocks, pass all on enc0...)
It only works with 'skip on enc0'.
On Mon, Jun 29, 2015 at
Hi,
i'm sitting here for hours with a weird dns lookup issue.
I have two remote machines (3 days old amd64 current)
which are connected via ipsec to PEER. Except that iked
throws the following message every few minutes
iked[123]: pfkey_sa_last_used
everything works fine.
PEER enc0-
Btw i forgot to mention...of course the PEER is running
OpenBSD -current too (two days old amd64)
Meanwhile i switched to isakmpd (for testing and to make
sure iked isn't the (only) problem) but it also doesn't work.
On Mon, Jun 29, 2015 at 03:45:48PM +0200, Mark Patruck wrote:
Hi,
i'm
On Mon, Jun 29, 2015 at 07:04:41PM +0200, Mark Patruck wrote:
Btw i forgot to mention...of course the PEER is running
OpenBSD -current too (two days old amd64)
Meanwhile i switched to isakmpd (for testing and to make
sure iked isn't the (only) problem) but it also doesn't work.
On Mon,
6 matches
Mail list logo