Subject: RE: Configuring IPSec tunnel between NetBSD and Intel Shiva
To: None <netbsd-help@NetBSD.ORG>
From: Derrick Lobo <derrick@givex.com>
List: netbsd-help
Date: 02/14/2003 09:15:52
To all the *BSD Guru's out there

I have been eagerly waiting for a solution......

Got a clue....Anyone!!!!

Thanks

Derrick
-----Original Message-----
From: Derrick Lobo [mailto:derrick@givex.com]
Sent: Tuesday, February 11, 2003 11:12 AM
To: 'netbsd-help@NetBSD.ORG'
Subject: Configuring IPSec tunnel between NetBSD and Intel Shiva



Hi All

I am using the setkey command to enable tunnel on netbsd with 3des and sha1.
While browsing www I read a document which said Intel Shiva has to be
configured to IPsec and not the propritery software. I have included my
ipsec.conf

ipsec.conf
add yyy.yyy.yyy.yyy xxx.xxx.xxx.xxx esp 9780 -E 3des-cbc
"abcd1234abcd1234abcd1234" -A hmac-sha1 "abcd1234abcd1234abcd";
add xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy esp 10001 -E 3des-cbc
"abcd1234abcd1234abcd1234" -A hmac-sha1 "abcd1234abcd1234abcd";

spdadd aaa.aaa.aaa.aaa/32 bbb.bbb.bbb.bbb/24 any -P out ipsec
esp/tunnel/yyy.yyy.yyy.yyy-xxx.xxx.xxx.xxx/require;
spdadd bbb.bbb.bbb.bbb/24 aaa.aaa.aaa.aaa/32 any -P in ipsec
esp/tunnel/xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy/require;

I am not using racoon....

Thanks

Derrick