Subject: Re: FreeS/WAN <-> KAME
To: None <netbsd-users@netbsd.org>
From: Jan Schaumann <jschauma@netbsd.org>
List: netbsd-users
Date: 09/11/2002 15:19:18
"Noah L. Meyerhans" <frodo@morgul.net> wrote:
> On Mon, Sep 09, 2002 at 06:13:10PM -0400, Jan Schaumann wrote:
> > I've been trying to follow these examples, but when I start ipsec on the
> > Linux-site, it seems to try to use IPsec for all communication (I only
> > want it to talk to the NetBSD machine at a certain port using IPsec).
> > At the same time, on the NetBSD side, connections to the specified port
> > on the Linux machine time out; racoon complains:
> 
> I don't think FreeS/WAN allows port-specific security assiciations.

Rats.  So if I want traffic to some port encrypted, I will need to
encrypt _every_thing?  Isn't that, uhm, suboptimal?  Suppose I want to
perform backups using encryption, but still function as a webserver (as
an example) and allow not encrypted traffic...

Am I not understanding something correctly?  It seems to me this should
not only be possible, but also very simple.

-Jan

-- 
"Ford," he said, "you're turning into a penguin. Stop it."