IPsec tunnel help
Gergely CZUCZY
gergely.czuczy at harmless.hu
Thu Jul 16 06:14:58 UTC 2009
Thanks, this solved the problem. I think I was too tired and was
producing layer 8 issues :)
Another question: what does AES mean for racoon, is it AES256 or
AES128? I've seen both on some IPsec devices, and I haven't seen the
cipher size specified here.
On Thu, 16 Jul 2009 02:57:43 +0200
Jigar SOLANKI <sol4nki at gmail.com> wrote:
> Hi,
>
> I think that you can't see any outgoing traffic because there is no
> SPD rule that matches any outgoing traffic (from site A, i.e. your
> FreeBSD box): this just comes from your second SPD rule, where "in"
> should be "out":
>
> Try to replace the second rule:
>
> spdadd 192.168.0.0/24 192.168.1.64/32 any -P in ipsec
> esp/tunnel/217.150.138.138-217.150.130.163/unique;
>
>
> By:
>
>
> spdadd 192.168.0.0/24 192.168.1.64/32 any -P out ipsec
> esp/tunnel/217.150.138.138-217.150.130.163/unique;
>
>
> Hope this helps. :-)
>
> Regards,
>
> --
> SOLANKI Jigar
> ---
>
--
Sincerely,
Gergely CZUCZY
Harmless Digital Bt
+36-30-9702963
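
An added example, not part of the original thread: a small Python lint for `setkey` tunnel policies that flags the direction mistake discussed above. It assumes 217.150.138.138 is the local tunnel endpoint (inferred from the corrected rule); the first `in` rule in the sample is constructed, since the thread does not show it, and `check_spd` is a hypothetical helper name.

```python
import re

# spdadd SRC DST PROTO -P DIR ipsec esp/tunnel/A-B/level;  (may wrap across lines)
SPD_RE = re.compile(
    r"spdadd\s+(?P<src>\S+)\s+(?P<dst>\S+)\s+\S+\s+-P\s+(?P<dir>in|out)\s+ipsec\s+"
    r"(?:esp|ah)/tunnel/(?P<tsrc>[\d.]+)-(?P<tdst>[\d.]+)/\w+\s*;"
)

def check_spd(conf, local_endpoint):
    """Return findings for tunnel policies whose direction contradicts
    the tunnel endpoints, as seen from the host owning local_endpoint."""
    findings, directions = [], set()
    conf = re.sub(r"#.*", "", conf)          # drop setkey.conf comments
    for m in SPD_RE.finditer(conf):
        selector = f"{m['src']} -> {m['dst']}"
        directions.add(m["dir"])
        if m["tsrc"] == local_endpoint:      # tunnel starts here: traffic leaves
            expected = "out"
        elif m["tdst"] == local_endpoint:    # tunnel ends here: traffic arrives
            expected = "in"
        else:
            findings.append(f"{selector}: neither tunnel endpoint is local")
            continue
        if m["dir"] != expected:
            findings.append(f"{selector}: policy is '{m['dir']}', "
                            f"tunnel endpoints imply '{expected}'")
    if "out" not in directions:
        findings.append("no 'out' policy: outgoing traffic never matches the SPD")
    return findings

LOCAL = "217.150.138.138"                    # assumption: site A's public address
# Constructed reverse-direction rule (not shown in the thread).
RULE_IN = ("spdadd 192.168.1.64/32 192.168.0.0/24 any -P in ipsec\n"
           "  esp/tunnel/217.150.130.163-217.150.138.138/unique;\n")
# The rule as originally posted, and as corrected in the reply.
BROKEN = RULE_IN + ("spdadd 192.168.0.0/24 192.168.1.64/32 any -P in ipsec\n"
                    "  esp/tunnel/217.150.138.138-217.150.130.163/unique;\n")
FIXED = RULE_IN + ("spdadd 192.168.0.0/24 192.168.1.64/32 any -P out ipsec\n"
                   "  esp/tunnel/217.150.138.138-217.150.130.163/unique;\n")

if __name__ == "__main__":
    for name, conf in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, check_spd(conf, LOCAL) or "ok")
```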