[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OBSD2.8 bridge and isakmpd probs

To: Paul <pjdesign@yifan.net>
Subject: Re: OBSD2.8 bridge and isakmpd probs
From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>
Date: Sat, 02 Dec 2000 01:34:57 -0500
Cc: misc@openbsd.org


In message <p05010401b64e187b185f@172.16.0.50>, Paul writes:
>
>Having read the ipsec bridge section of brconfig(8) it would seem as 
>thought I need to associate an SA with the enc1, altho i can't see 
>how that should be done in a bridge configuration. I had assumed that 
>this would be handled by isakmpd but that doesn't seem to be the case.

No, isakmpd still does not handle automated keying for the bridge;
currently, you need to manually setup an SA (via ipsecadm) and then
associate that SA with an enc interface. The IPsec policy code was changed
recently, which is why support for isakmpd+bridge is not in place.
-Angelos

References:
- OBSD2.8 bridge and isakmpd probs
  - From: Paul <pjdesign@yifan.net>

Prev by Date: loopback filesystem
Next by Date: Re: Weird 2.7 error
Prev by thread: OBSD2.8 bridge and isakmpd probs
Next by thread: loopback filesystem
Index(es):
- Date
- Thread