Subject: Re: IPSec w. IPv4 Wierdness
To: None <tech-net@netbsd.org>
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
List: tech-net
Date: 01/03/2001 13:27:16
>>>>> "itojun" == itojun  <itojun@iijlab.net> writes:
    >> I finally gave the newest racoon a whirl with the TimeStep PERMIT
    >> gateway at work. Phase 2, no problem... but I didn't get
    >> responses... the reason?  Because I didn't use the right address on
    >> the inside of my tunnel.  I need to use an address assigned to me by
    >> the PERMIT.  Itojun, do you know what extension they implemented?

    itojun> i do not remember.  if you could gather full logs using:
    itojun>   % script /tmp/foo
    itojun>   % racoon -F -d 0xffffffff (run in foreground)
    itojun> it may help.

  I'll grab that in a minute.
  There are some other tests that I want to do first...

    itojun> (there could be pcb source address selection issues in that
    itojun> case...)

  Absolutely.
  I'd like to do something like:

  ifconfig lo1 inet 192.168.1.xxx up
	       (whatever was assigned by the gateway)

  except that "lo" isn't right, as I actually want the packets to be
IPsec encapsulated. This is where the explicit tunnel devices of NRL were
very nice.

] Train travel features AC outlets with no take-off restrictions|gigabit is no[
]   Michael Richardson, Solidum Systems   Oh where, oh where has|problem  with[
]     mcr@solidum.com   www.solidum.com   the little fishy gone?|PAX.port 1100[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [