[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: VPN and OpenBSD 2.9

To: <misc@openbsd.org>
Subject: Re: VPN and OpenBSD 2.9
From: "Victor" <victord@paid.com>
Date: Tue, 14 Aug 2001 10:35:52 -0400
References: <200108011605.f71G5fl07277@faith.alltest.ca> <Pine.GSO.4.33.0108021138470.6658-100000@spitfire.crt.se> <200108011605.f71G5fl07277@faith.alltest.ca> <20010814011050.A18717@transas.co.uk>

> On Wed, Aug 01, 2001 at 10:19:26AM -0600, Mark Gangl wrote:
> > /etc/isakmpd/isakmpd.policy on both gateways is:
> > KeyNote-Version: 2
> > Comment: This policy accepts ESP SAs from a remote that uses the right
> > Authorizer: "POLICY"
> > Licensees: "passphrase:whywontthiswork"
> > Conditions: app_domain == "IPSec policy" &&
> >             esp_present == "yes" &&
> >             esp_enc_alg != "null" -> "true";
> > 
> 
> On Thu, Aug 02, 2001 at 11:58:01AM +0200, Hakan Olsson wrote:
> > Oops. The manual page should not have had _this_ as an example (it's
> > wrong). Sorry about this.

What is wrong with this policy? I don't notice any error.

> On related note, I believe "IPSec policy" here should be "IPsec policy".
> I was playing with isakmpd and found that it's necessary to change the
> line.

Is this the only problem? On the web page, it does say IPsec.

Follow-Ups:
- Re: VPN and OpenBSD 2.9
  - From: Hakan Olsson <ho@crt.se>

References:
- VPN and OpenBSD 2.9
  - From: Mark Gangl <mark@alltest.ca>
- Re: VPN and OpenBSD 2.9
  - From: Hakan Olsson <ho@crt.se>
- Re: VPN and OpenBSD 2.9
  - From: Mikhail Sobolev <mikhail.sobolev@transas.com>

Prev by Date: RE: Extremely poor network performance
Next by Date: apm0 question.
Prev by thread: Re: VPN and OpenBSD 2.9
Next by thread: Re: VPN and OpenBSD 2.9
Index(es):
- Date
- Thread