[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ipsecadm on -current

To: misc@openbsd.org
Subject: ipsecadm on -current
From: Ian Main <imain@netidea.com>
Date: Thu, 2 Nov 2000 12:29:50 -0800
Content-Disposition: inline
User-Agent: Mutt/1.2.4i

So, I've started playing with ipsec, and just want to setup encrypted
communication between 2 hosts (to start).  I'm using a 2.8 snapshot
from about 3 weeks ago on one machine, and an older (I forget, but it
still thinks it's 2.8) on the other machine.

Following the examples in the FAQ and manpage, I tried:

$ sudo ipsecadm new esp -enc 3des -auth sha1 -spi 1000 -dst
192.168.100.1 -src 192.168.100.5 -key
638063806380638063806380638063806380638063806380 -authkey
1234123412341234123412341234123412341234

which is right out of the manpage (even the keys :))

that goes with silent acceptance, but then I try to setup the flow:

$ sudo ipsecadm flow -dst 192.168.100.1 -spi 1000 -proto esp -addr
192.168.100.5 255.255.255.255 192.168.100.1 255.255.255.255
ipsecadm: use of flag "-spi" is deprecated with flow creation or deletion
write: Invalid argument

Removing the -spi argument just gives the 'Invalid argument' error.

I've tried many permutations of this from examples in the FAQ and
manpage, and am at a loss to even see it properly setup.  I gather
there have been some changes that have not been reflected in the
documentation.

Yes, I have the appropriate sysctl's set :)

Any advice is appreciated.

Thanks in advance

	Ian

Follow-Ups:
- Re: ipsecadm on -current
  - From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>

Prev by Date: Re: =?koi8-r?Q?Thinking_of_locales_=5BSElin=40flagship=2Eru:_=ED=D9=D3=CC=C9?==?koi8-r?Q?_=CF_locale=5D?=
Next by Date: Re: ipsecadm on -current
Prev by thread: Re: file integrity programs
Next by thread: Re: ipsecadm on -current
Index(es):
- Date
- Thread