Re: IPsec vs ssh

To: John Nemeth <jnemeth%cue.bc.ca@localhost>
Subject: Re: IPsec vs ssh
From: Darren Reed <darrenr%netbsd.org@localhost>
Date: Tue, 12 Nov 2013 12:28:59 +1100

On 12/11/2013 7:48 AM, John Nemeth wrote:
...
> } > } > Also, just encrypting icmp is next to useless.
> } > } 
> } > } Encrypting only icmp is perfect for testing until the configuration
> } > } is correct and properly operationalised.
> } > 
> } >      True enough.  Does the tunnel come up and work?  Can you ping
> } > both directions through the tunnel?
> } 
> } Almost.
> 
>      Then this is the real problem:  you don't have a viable tunnel.
> 
>      You might want to use "setkey -D" and/or "setkey -D -P" to
> see what the kernel is seeing.

Why do I need a tunnel?

Darren

Follow-Ups:
- Re: IPsec vs ssh
  - From: John Nemeth

References:
- Re: IPsec vs ssh
  - From: John Nemeth

Prev by Date: Re: IPsec vs ssh
Next by Date: Re: IPsec vs ssh
Previous by Thread: Re: IPsec vs ssh
Next by Thread: Re: IPsec vs ssh
Indexes:

Home | Main Index | Thread Index | Old Index