At Fri, 25 Jan 2008 01:20:08 -0300, Nenhum_de_Nos wrote: > > ---------- Forwarded message ---------- > From: Nenhum_de_Nos <matheusber_at_gmail.com> > Date: Jan 25, 2008 1:19 AM > Subject: Re: IPSEC on 7.0-PRERELEASE > To: "Dr. Aharon Friedman" <AFriedman_at_drsns.com> > > > On Jan 22, 2008 11:25 AM, Dr. Aharon Friedman <AFriedman_at_drsns.com> wrote: > > This looks like the solution. It did pass compile. I have not run it yet, > > but I am sure it will work. Here is the configuration part for IPSEC: > > > > > > > > options IPSEC #IP security (requires device crypto) > > > > options IPSEC_FILTERTUNNEL #filter ipsec packets from a > > tunnel > > > > device enc #IPsec interface > > > > device crypto # core crypto support > > > > device cryptodev # /dev/crypto for access to h/w > > > > > > > > Aharon > > I have a IPSec tunnel over gif ifaces and all ok. was I supposed to > change anything ? > Sorry to reply so late, I'm traveling at the moment. In 7.0 we have moved to a single IPsec stack, that stack requires the "device crypto" line whether you're using software or hardware cryptography. I think it's time for a documentation update but that will have to wait until I clear away some other $dayjob related work. If someone is up for updating our IPsec docs I'd be able to help with that, just not do it completely on my own. Best, GeorgeReceived on Sat Jan 26 2008 - 13:58:38 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:26 UTC