Problem with Racoon/IPSec/Setkey - Routing to/from multiple networks
Helge Oldach
helge.oldach at atosorigin.com
Mon Nov 17 08:41:35 PST 2003
Jamie Heckford:
>/usr/sbin/setkey -c << EOF
>flush;
>spdflush;
>spdadd ${LOCAL_NETWORK} ${STJUST_NETWORK} any -P out ipsec
>esp/tunnel/${LOCAL_OUTSIDE}-${STJUST_OUTSIDE}/require;
>spdadd ${STJUST_NETWORK} ${LOCAL_NETWORK} any -P in ipsec
>esp/tunnel/${STJUST_OUTSIDE}-${LOCAL_OUTSIDE}/require;
>spdadd ${ALLNET_1} ${STJUST_NETWORK} any -P out ipsec
>esp/tunnel/${LOCAL_OUTSIDE}-${STJUST_OUTSIDE}/require;
>spdadd ${STJUST_NETWORK} ${ALLNET_1} any -P in ipsec
>esp/tunnel/${STJUST_OUTSIDE}-${LOCAL_OUTSIDE}/require;
>spdadd ${LOCAL_NETWORK} ${BENELUX_NETWORK} any -P out ipsec
>esp/tunnel/${LOCAL_OUTSIDE}-${BENELUX_OUTSIDE}/require;
>spdadd ${BENELUX_NETWORK} ${LOCAL_NETWORK} any -P in ipsec
>esp/tunnel/${BENELUX_OUTSIDE}-${LOCAL_OUTSIDE}/require;
>spdadd ${ALLNET_1} ${BENELUX_NETWORK} any -P out ipsec
>esp/tunnel/${LOCAL_OUTSIDE}-${BENELUX_OUTSIDE}/require;
>spdadd ${BENELUX_NETWORK} ${ALLNET_1} any -P in ipsec
>esp/tunnel/${BENELUX_OUTSIDE}-${LOCAL_OUTSIDE}/require;
>EOF
Try using "unique" instead of "require".
Helge
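
Added example, not part of the original message: a sh function that generates the policy set from the quoted script with the level switched to `unique`, which per setkey(8) acts like `require` but binds each policy to its own outbound SA rather than sharing one between policies with the same tunnel endpoints. The addresses are constructed placeholders, and `gen_spd`, `LOCAL_NETS` and `REMOTE_SITES` are hypothetical names.

```shell
#!/bin/sh
# Added example. All addresses are constructed placeholders; LOCAL_OUTSIDE
# follows the quoted script, the other names are hypothetical.
LOCAL_OUTSIDE="192.0.2.1"
# Stand-ins for LOCAL_NETWORK and ALLNET_1
LOCAL_NETS="10.1.0.0/16 10.0.0.0/8"
# Remote sites as "network,gateway" pairs (stand-ins for STJUST and BENELUX)
REMOTE_SITES="172.16.1.0/24,198.51.100.1 172.16.2.0/24,203.0.113.1"

# gen_spd LEVEL: print setkey statements for every local-net/remote-site pair.
# LEVEL is the IPsec level of the policy: "unique" or "require".
gen_spd() {
    level="$1"
    case "$level" in
        unique|require) ;;
        *) echo "gen_spd: level must be unique or require" >&2; return 1 ;;
    esac
    echo "flush;"
    echo "spdflush;"
    for site in $REMOTE_SITES; do
        rnet="${site%%,*}"   # part before the comma: remote network
        rgw="${site##*,}"    # part after the comma: remote gateway
        for lnet in $LOCAL_NETS; do
            echo "spdadd $lnet $rnet any -P out ipsec esp/tunnel/${LOCAL_OUTSIDE}-${rgw}/${level};"
            echo "spdadd $rnet $lnet any -P in ipsec esp/tunnel/${rgw}-${LOCAL_OUTSIDE}/${level};"
        done
    done
}

# Running the script only prints the policies for review.
# To load them: gen_spd unique | /usr/sbin/setkey -c
gen_spd unique
```

After loading, `setkey -DP` lists the installed policies so the level on each entry can be checked.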