[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: ipsec vpn
Thanks Markus. Making the changes to sysctl.conf file
got rid of the error message. Your message said man 4 ipsec
has the information, but I was not able to locate it. I
openbsd from ftp3.usa.openbsd.org yesterday (july 4).
Thanks for your help again.
- Deepak
> -----Original Message-----
> From: owner-misc@openbsd.org
> [mailto:owner-misc@openbsd.org]On Behalf Of
> Markus Friedl
> Sent: Monday, July 05, 1999 8:32 AM
> To: Deepak Vaidya; Denis A Ustimenko
> Cc: misc@openbsd.org; faq@openbsd.org
> Subject: Re: ipsec vpn
>
>
> On Sun, Jul 04, 1999 at 06:16:31PM -0400, Deepak Vaidya wrote:
> > I get pfkey: Operation not supported.
>
> On Mon, Jul 05, 1999 at 07:11:28PM +0700, Denis A
> Ustimenko wrote:
> > I've upgraded from 2.4 to 2.5.
> > [...]
> > pfkey: Operation not supported
>
> in 2.5, you have to enable the kernel IPsec handling
> with sysctl:
>
> nohow% egrep 'esp|ah' /etc/sysctl.conf
> net.inet.esp.enable=1 # 1=Enable the ESP
> IPSec protocol
> net.inet.ah.enable=1 # 1=Enable the AH
> IPSec protocol
>
> reboot after editing /etc/sysctl.conf
>
> -markus
>
> PS: this should be in the faq for 2.5 (xx: OpenBSD 2.5
> Specific Information )
> PPS: man 4 ipsec says on OpenBSd-current:
>
> NOTE
> IPSec is enabled with the following
> sysctl(3) variables in
> /etc/sysctl.conf:
>
> net.inet.esp.enable Enable the ESP IPSec protocol
>
> net.inet.ah.enable Enable the AH IPSec protocol
>
- References:
- Re: ipsec vpn
- From: Markus Friedl <Markus.Friedl@informatik.uni-erlangen.de>