Displaying 9 results from an estimated 9 matches for "ipsec_esp".
2006 May 06
1
IPsec with racoon2
...ipsec_sa_lifetime_byte infinite;
};
sa {
esp_enc_alg { aes128_cbc; 3des_cbc; };
esp_auth_alg { hmac_sha1; hmac_md5; };
};
};
ipsec ipsec_ah_esp {
ipsec_sa_lifetime_time 28800 sec;
sa_index { ah_01; esp_01; };
};
ipsec ipsec_esp {
ipsec_sa_lifetime_time 28800 sec;
sa_index esp_01;
};
sa ah_01 {
sa_protocol ah;
ah_auth_alg { hmac_sha1; hmac_md5; };
};
sa esp_01 {
sa_protocol esp;
esp_enc_alg { aes128_cbc; 3des_cbc; };
esp_auth_alg { hmac_sha1; hmac_md5; };
};
# biosa-...
2005 May 17
4
HOW TO Enable IPSec for FreeBSD.......???
...tem.
First, I copied the generic kernel configuration file
to a file I called MYKERNEL:
#cp /usr/src/sys/i386/conf/GENERIC
/usr/src/sys/i386/conf/MYKERNEL
Then, I added the following three lines to the options
section of /usr/src/sys/i386/conf/MYKERNEL:
options IPSEC
options IPSEC_ESP
options IPSEC_DEBUG
After that I recompile the kernel with the following
command:
# cd /usr/src
# make buildkernel KERNCONF=IPSEC && make
installkernel KERNCONF=IPSEC
And also installed IKE support on my system with the
following command using racoon:
cd /usr/ports/security/raco...
2006 Mar 18
2
IPSEC with MAC/MLS support crack
...mbuf
is mangled by unknown reasons.
Following is my kernel configuration:
options MAC
options MAC_DEBUG
options UFS_EXTATTR
options UFS_EXTATTR_AUTOSTART
options MAC_MLS
# uncomment to put sebsd to kernel, but better to
options IPSEC
options IPSEC_ESP
options IPSEC_DEBUG
Following is the kernel dump backtrace:
#0 0xc0668f0b in kdb_enter (msg=0x12 <Address 0x12
out of bounds>) at cpufunc.h:60
#1 0xc06509ab in panic (fmt=0xc08e6470
"mac_mls_dominate_element: b->mme_type invalid")
at ../../../kern/kern_shutdown.c:...
2005 Dec 07
1
racoon with freebsd-4.11 crashes
...gotiation with other gateway to establish the
SA.
I am not understading as to why it is going in
key_checkrequest ans crashing.
Please anyone who have used racoon with hfreebsd-4.11
can guide me if i am doing something wrong. The config
file is given below.
I have compiled the kernel with IPSEC ,IPSEC_ESP
options.
I am using a preshared key file.
my configuration file is given below:
#!/usr/local/bin/racoon
# CONFIGURATION FILE FOR 192.168.190.44
path include "/root";
path pre_shared_key "/root/psk.txt";
log debug2;
padding {
maximum_length 20;
randomize off;
strict_che...
2003 May 16
2
make installworld fails : touch not found ?
...options UCONSOLE
options USERCONFIG #boot -c editor
options INET #Internet communications protocols
options INET6 #IPv6 communications protocols
options IPSEC #IP security
options IPSEC_ESP #IP security (crypto; define w/
IPSEC)
pseudo-device ether #Generic Ethernet
pseudo-device loop #Network loopback device
pseudo-device bpf #Berkeley packet filter
pseudo-device gif #IPv6 and IPv4 tu...
2003 Aug 22
1
nforce2 usb is broken on -stable
...--------------
machine i386
cpu I686_CPU
ident ATRENS
maxusers 0
# disable for now, breaks my hpt374 kernel module
#
#options PAE
options INET #InterNETworking
options INET6 #IPv6 communications protocols
options IPSEC #IP security
options IPSEC_ESP #IP security (crypto; define w/ IPSEC)
options IPSEC_DEBUG #debug for IP security
pseudo-device crypto # core crypto support
pseudo-device cryptodev # /dev/crypto for access to h/w
options VESA
device hifn # Hifn 79...
2003 Jul 17
1
device troubles after stable update
...sions
options _KPOSIX_PRIORITY_SCHEDULING
options ICMP_BANDLIM #Rate limit bad replies
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
options USER_LDT #user LDT for WINE and nvidia
#IPSEC
options IPSEC
options IPSEC_ESP
#IPFW
options IPFIREWALL #firewall
options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
#NAT
options IPDIVERT
device isa
device eisa
device pci
# Floppy drives
device fdc0 at isa? port IO_FD1 irq 6 drq 2...
2004 Apr 27
2
IPsec works, but racoon/IKE does not
I have no idea whatsoever as to why racoon/IKE does not work here.
I've tried various how-to documents but found nothing that works for
me.
Gateway (10.0.0.1) running 4.9-stable.
Laptop (10.0.0.10) running 5.2.1-release.
Both running racoon-20040408a
On the gateway 10.0.0.1
# cat /etc/ipsec.conf
add 10.0.0.1 10.0.0.10 esp 691 -E rijndael-cbc "1234567890123456" -A
hmac-sha1
2003 Aug 12
2
panic with today's stable
...NETGRAPH_PPPOE
options NETGRAPH_PPTPGRE
options NETGRAPH_RFC1490
options NETGRAPH_SOCKET
options NETGRAPH_TEE
options NETGRAPH_TTY
options NETGRAPH_UI
options NETGRAPH_VJC
options IPSEC #IP security
options IPSEC_ESP #IP security (crypto; define w/ IPSEC)
options IPSEC_DEBUG #debug for IP security
options IPFIREWALL #firewall
options IPFW2 #firewall
options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
options IPFIR...