Hi,
I need some help for ipsec configurations -- I was trying to
use per-socket
based IPsec with racoon. I have used setsockopt to set the
ipsec policy on
the socket. Then i started racoon with default
configuration of remote and
sainfo being anonymous. Now when i try to send out some ICMP
packets, racoon
gets a notification for key-acquire; however, racoon seems
to be checking
the policy id in its database and couldnt find one.. so it
has thrown an
error saying no spdid found!! and it hasnt initiated any key
negotiations...
is this expected? racoon doesnt work with per-socket based
ipsec? if thats
the case; how the SA entry in the security policy in the
socket will get
filled? Or do I need to use setkey to add an SPD even if i
use per-socket
based ipsec?
can somebody please help me in understanding this?
Thanks,
Adityaa
_______________________________________________
freebsd-net freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
|