On Fri, Dec 19, 2003 at 06:32:32AM -0800, Nathan Kay wrote: > On Thu, Dec 18, 2003 at 10:49:32PM -0800, Crist J. Clark wrote: > > IPsec does work, however. When I manually load up the SAD with > > setkey(8), the ESP tunnel comes up and everything is fine. > > Confirmed, IKE no longer works for my setup either, while manual > keying does. > > > I think the problem is that the IKE traffic, 500/udp, is not bypassing > > the IPsec processing like it should. > > That's what looked like was going on in my setup as well. A few others have seen the same problems with KAME IPsec in 5.2RC. One person mentioned that the FAST_IPSEC implementation does not share the bug. I switched over and things work fine with the same racoon executable and configuration. This does look like a bug in the FreeBSD KAME IPsec. -- Crist J. Clark | cjclark_at_alum.mit.edu | cjclark_at_jhu.edu http://people.freebsd.org/~cjc/ | cjc_at_freebsd.orgReceived on Sun Dec 21 2003 - 19:18:10 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:35 UTC