Matt Thomas wrote:

>
> On Monday, July 28, 2003, at 09:40 AM, J. Buck Caldwell wrote:
>
>> So I've got my IPSec network tunnels up and running nicely, using 
>> ESP/Transport. Now I'm interested in adding compression to the mix. 
>> Any ideas? None of the stuff I can find on the web seems to talk much 
>> about compression, only that it's supposed to be an integral offering 
>> to IPSec.
>
> You need to negotiate the use of the IPCOMP protocol.

Yea... I had that figured. I was kinda hoping for a bit more detail. Given:

IPSEC.CONF:
spdadd corpaddr branchaddr any -P out ipsec esp/transport//require;
spdadd branchaddr corpaddr any -P in ipsec esp/transport//require;

Do I just need to add:
spdadd corpaddr branchaddr any -P out ipsec ipcomp/transport//require;
spdadd branchaddr corpaddr any -P in ipsec ipcomp/transport//require;

and the appropriate reversal on the other end? Do I need to specify 
these lines before or after the esp lines, or is ordering handled 
internally?