Subject: Re: IPSEC in GENERIC
To: Greg Troxel <gdt@ir.bbn.com>
From: Christos Zoulas <christos@zoulas.com>
List: tech-kern
Date: 02/22/2006 13:26:28
On Feb 22,  1:16pm, gdt@ir.bbn.com (Greg Troxel) wrote:
-- Subject: Re: IPSEC in GENERIC

| I think ipsec_havespd might have to be true if any of these are non-1
| 
| net.inet.ipsec.def_policy = 1 [IPSEC_POLICY_NONE]
| 
| net.inet.ipsec.esp_trans_deflev = 1 [IPSEC_LEVLE_USE]
| net.inet.ipsec.esp_net_deflev = 1
| net.inet.ipsec.ah_trans_deflev = 1
| net.inet.ipsec.ah_net_deflev = 1
| 

Thanks, I will change it.

christos