[Openswan Users] Fw: [Ipsec-tools-devel] ipcomp between racoon
and FreeS/WAN 2.04
Herbert Xu
herbert at gondor.apana.org.au
Sat Mar 27 08:04:46 CET 2004
On Fri, Mar 26, 2004 at 02:56:20PM +0100, Marco Berizzi wrote:
>
> Also setkey is involved.
> After all, the wrong IP-IP header is there because I tell setkey
> to put it:
In that case you're to blame, not racoon :)
setkey is as agnostic about the ordering as the kernel.
> spdadd 10.1.2.0/24 10.1.1.0/24 any -P in ipsec
> ipcomp/tunnel/172.16.1.247-172.16.1.226/use
> esp/tunnel/172.16.1.247-172.16.1.226/require;
Change the second esp to transport and the kernel will talk
to *swan.
--
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Users
mailing list