testing ipsec ?

Mark Street jet at sonic.net
Sat Jan 4 12:22:43 PST 2003


Looks good, you could have included the keys but it gets a bit difficult
to read.

hmmmm.... port 500 UDP needs to be open, adjust your firewall rules
accordingly.  I don't know what type you use...

On Sat, 4 Jan 2003, augie wrote:

> On Sat, Jan 04, 2003 at 10:21:26AM -0800, Mark Street wrote:
> > Confirmed Houston..... you have Encapsulation Security Payload packets
> > What does your ipsec.conf look like without the keys....
>
> conn goku-gohan
> 	authby=rsasig
> 	left=192.168.1.2
> 	leftid=@goku.pear
> 	leftrsasigkey=...
> 	right=192.168.1.3
> 	rightid=@gohan.pear
> 	rightrsasigkey=...
> 	auto=start
>
> everything else in the conf file is the default 1.98b stuff. the only
> oddity i've found is that my firewall rules _must_ be applied after
> ipsec is up, otherwise i get no communication.
>
>  -augie
>
> ps...the keys are public keys, so i could have posted them in my reply
> right?
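
An added example, not part of the original thread: a small audit of an `iptables-save` dump that reports whether IKE (UDP port 500) and ESP (IP protocol 50) from the peer would be accepted. The thread does not say which firewall is in use, so iptables, the interface name `eth0`, the sample ruleset and all function names are assumptions.

```python
import ipaddress
import shlex

# Constructed sample in iptables-save format (assumption: the thread never says
# which firewall is in use). Local host 192.168.1.2, peer 192.168.1.3.
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 192.168.1.3/32 -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""
PROTO_NAMES = {"6": "tcp", "17": "udp", "50": "esp"}  # numeric forms of -p

def matches(opts, pkt):
    """True if every supported match option in the rule fits the packet."""
    for opt, val in opts.items():
        if opt == "-i" and val != pkt["iface"]:
            return False
        if opt == "-s":
            net = ipaddress.ip_network(val, strict=False)
            if ipaddress.ip_address(pkt["src"]) not in net:
                return False
        if opt == "-p" and PROTO_NAMES.get(val, val) not in (pkt["proto"], "all"):
            return False
        if opt == "--dport" and val != str(pkt.get("dport")):
            return False
    return True

def verdict(rules, pkt, chain="INPUT"):
    """First-match verdict on one chain; falls back to the chain policy."""
    policy = "ACCEPT"
    for line in rules.splitlines():
        if line.startswith(f":{chain} "):
            policy = line.split()[1]
        elif line.startswith(f"-A {chain} "):
            tok = shlex.split(line)[2:]
            # Only simple option/value pairs are modelled; negation, port
            # ranges and jumps to user chains are rejected rather than guessed.
            if len(tok) % 2 or set(tok[::2]) - {"-i", "-s", "-p", "-m", "--dport", "-j"}:
                raise ValueError(f"unsupported rule syntax: {line}")
            opts = dict(zip(tok[::2], tok[1::2]))
            if opts.get("-j") in ("ACCEPT", "DROP", "REJECT") and matches(opts, pkt):
                return opts["-j"]
    return policy

def ipsec_check(rules, peer, iface="eth0"):
    """Verdicts for the two inbound flows the tunnel needs from the peer."""
    ike = {"iface": iface, "src": peer, "proto": "udp", "dport": 500}
    esp = {"iface": iface, "src": peer, "proto": "esp"}
    return {"ike_udp_500": verdict(rules, ike), "esp_proto_50": verdict(rules, esp)}
```

On the constructed ruleset, `ipsec_check(SAMPLE_RULES, "192.168.1.3")` reports IKE accepted and ESP dropped: key negotiation can pass the firewall while the encrypted traffic itself does not.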
