Subject: Re: IPSec w. IPv4 Wierdness
To: None <firstname.lastname@example.org>
From: Michael Richardson <email@example.com>
Date: 01/03/2001 13:27:16
>>>>> "itojun" == itojun <firstname.lastname@example.org> writes:
>> I finally gave the newest racoon a whirl with the TimeStep PERMIT
>> gateway at work. Phase 2, no problem... but I didn't get
>> responses... the reason? Because I didn't use the right address on
>> the inside of my tunnel. I need to use an address assigned to me by
>> the PERMIT. Itojun, do you know what extension they implemented?
itojun> i do not remember. if you could gather full logs using: % script
itojun> /tmp/foo % racoon -F -d 0xffffffff (run in foreground) it may
I'll grab that in a minute.
There are some other tests that I want to do first...
itojun> (there could be pcb source address selection issues in that
I'd like to do something like:
ifconfig lo1 inet 192.168.1.xxx up
(whatever was assigned by the gateway)
except that "lo" isn't right, as I actually want the packets to be
IPsec encapsulated. This is where the explicit tunnel devices of NRL were
] Train travel features AC outlets with no take-off restrictions|gigabit is no[
] Michael Richardson, Solidum Systems Oh where, oh where has|problem with[
] email@example.com www.solidum.com the little fishy gone?|PAX.port 1100[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [