|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Shoichi Sakane (sakane
kame.net)Date: Tue Mar 05 2002 - 04:05:25 CST
> > the message means the SPD entry to be used this negotiation has
> > different ipsec tunnel end points, such like
> > spdadd X Y any -P out ipsec
> > esp/tunnel/A-B/use
> > esp/tunnel/A-C/use;
> Uhm, i've read and kind of docs about the last parameter on the spdadd
> (use/unique/etc/) but is it explained anywhere when i use what and why?
> If i wanna set up a box as a concentrator what parm do i use then?
although i haven't understood what you mean, the kernel can understand
the SP entry which is defined different ipsec tunnel end points.
when you configure propoer SAs by using setkey(8) against such SP entry,
you will get a nested IPsec tunnel.
but racoon just doesn't support it as i said.
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]