[Openswan Users] Fw: [Ipsec-tools-devel] ipcomp between racoon
and FreeS/WAN 2.04
Marco Berizzi
pupilla at hotmail.com
Fri Mar 26 14:56:20 CET 2004
Herbert Xu wrote:
> Michael Richardson <mcr at sandelman.ottawa.on.ca> wrote:
> >
> > The problem with 26sec's use of IPCOMP is a clear problem.
>
> You mean racoon. The Linux IPsec stack leaves the layout of the
> packets entirely up to user space.
Also setkey is involved.
After all, the wrong IP-IP header is there because I tell setkey
to put it:
spdadd 10.1.2.0/24 10.1.1.0/24 any -P in ipsec
ipcomp/tunnel/172.16.1.247-172.16.1.226/use
esp/tunnel/172.16.1.247-172.16.1.226/require;
spdadd 10.1.1.0/24 10.1.2.0/24 any -P out ipsec
ipcomp/tunnel/172.16.1.226-172.16.1.247/use
esp/tunnel/172.16.1.226-172.16.1.247/require;
More information about the Users
mailing list