I mean there is nothing there setup (AFAIK) in the global zone to persist it’s IPsec configuration (since changes to most of /etc aren’t saved between reboots). You’d need to roll your own scripts for that. That’s all. On August 7, 2017 at 3:39:34 AM, Miroslav Bagljaš (m...@erigones.com) wrote: Hi Jason, what did you mean, when you said that there was nothing set up in the global zone to use the IPSec utilities? I'm currently testing IPSec (set in the global zone), between the two nodes and I had it working (ping was coming through and snoop was showing ESP messages coming from one node to the other). I have set up IPSec in the transport mode with pre-shared key authentication. Will some other setup fail to work? MiroB. ----- Original Message ----- From: "Jason King" <jason.brian.k...@gmail.com> To: "a b" <tripivc...@hotmail.com>, smartos-discuss@lists.smartos.org Sent: Sunday, August 6, 2017 3:48:50 AM Subject: RE: [smartos-discuss] Proposed Experimental Setup All the IPsec utilities are still there (sadly the in.ike bits are still closed source). You’d likely want to do everything from a zone since there’s nothing setup in a smartos global zone to use them. On August 5, 2017 at 5:27:18 AM, a b (tripivc...@hotmail.com) wrote: While we are on the subject of VPN, I used to run a datacenter triad (4200 km distance, 100ms latency) just by using Solaris 10, IPFilter and built-in IPsec. IPsec was configured via pkgadd(1M) and used a pre-shared key which changed every three minutes via built-in IKE daemon. What is the status of IPsec in SmartOS these days, and would something like that still be possible? -- Empathy is still a core engineering value.
signature.asc
Description: Message signed with OpenPGP using AMPGpg
Description: S/MIME cryptographic signature------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
