Hi Jason,
 
 what did you mean, when you said that there was nothing set up in the global 
zone to use the IPSec utilities?
 I'm currently testing IPSec (set in the global zone), between the two nodes 
and I had it working (ping was coming through and snoop was showing ESP 
messages coming from one node to the other).
 I have set up IPSec in the transport mode with pre-shared key authentication.
 Will some other setup fail to work?
 
 MiroB.
 
 ----- Original Message -----
 From: "Jason King" <jason.brian.k...@gmail.com>
 To: "a b" <tripivc...@hotmail.com>, smartos-discuss@lists.smartos.org
 Sent: Sunday, August 6, 2017 3:48:50 AM
 Subject: RE: [smartos-discuss] Proposed Experimental Setup
 
 All the IPsec utilities are still there (sadly the in.ike bits are still 
closed source).  You’d likely want to do everything from a zone since there’s 
nothing setup in a smartos global zone to use them.
 
 On August 5, 2017 at 5:27:18 AM, a b (tripivc...@hotmail.com) wrote:
 
 While we are on the subject of VPN, I used to run a datacenter triad (4200 km 
distance, 100ms latency) just by using Solaris 10, IPFilter and built-in IPsec.
 IPsec was configured via pkgadd(1M) and used a pre-shared key which changed 
every three minutes via built-in IKE daemon.
 
 What is the status of IPsec in SmartOS these days, and would something like 
that still be possible?
 --
 Empathy is still a core engineering value.
 


-------------------------------------------
smartos-discuss
Archives: https://www.listbox.com/member/archive/184463/=now
RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00
Modify Your Subscription: 
https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb
Powered by Listbox: http://www.listbox.com

Reply via email to