I'm running Coda over IPsec ESP, using 3DES and HMAC-SHA1. The new
masquerade option to venus makes SPD setup easier, as one only needs
to protect things with UDP 370 or UDP 2432 as the destination.

For a client with setkey from FreeBSD 4.2+KAME:

    # Coda masquerading
    spdadd 0.0.0.0/0[any] 0.0.0.0/0[370] udp
        -P out ipsec esp/transport//require ;
    spdadd 0.0.0.0/0[370] 0.0.0.0/0[any] udp
        -P in ipsec esp/transport//require ;
    spdadd 0.0.0.0/0[any] 0.0.0.0/0[2432] udp
        -P out ipsec esp/transport//require ;
    spdadd 0.0.0.0/0[2432] 0.0.0.0/0[any] udp
        -P in ipsec esp/transport//require ;

The server is similar:

    # clog from/to client
    spdadd 0.0.0.0/0[any] CODA-SERVERS-ADDR/32[370] udp
        -P in ipsec esp/transport//require ;
    spdadd CODA-SERVERS-ADDR/32[370] 0.0.0.0/0[any] udp
        -P out ipsec esp/transport//require ;
    ## CODA masquerading (codasrv, udp 2432, matching the client policy)
    spdadd 0.0.0.0/0[any] CODA-SERVERS-ADDR/32[2432] udp
        -P in ipsec esp/transport//require ;
    spdadd CODA-SERVERS-ADDR/32[2432] 0.0.0.0/0[any] udp
        -P out ipsec esp/transport//require ;

Greg Troxel <[EMAIL PROTECTED]>
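
Added example, not part of the original message: a Python check that a client and a server setkey policy file agree, meaning every policy has a mirrored opposite-direction entry and every destination port the client requires ESP for also has an inbound policy on the server. The policy text is constructed for illustration, 192.0.2.10 stands in for CODA-SERVERS-ADDR, and the function names are hypothetical.

```python
import re
from collections import namedtuple

Policy = namedtuple("Policy", "src sport dst dport proto direction rule")
SPDADD = re.compile(r"spdadd\s+(\S+?)\[(\w+)\]\s+(\S+?)\[(\w+)\]\s+(\w+)\s+"
                    r"-P\s+(in|out)\s+ipsec\s+(\S+)\s*;")
REQ = "ipsec esp/transport//require ;"

# Constructed input: client policies for udp 370 and udp 2432, setkey syntax.
CLIENT = "\n".join(
    f"spdadd 0.0.0.0/0[any] 0.0.0.0/0[{p}] udp -P out {REQ}\n"
    f"spdadd 0.0.0.0/0[{p}] 0.0.0.0/0[any] udp -P in {REQ}" for p in (370, 2432))

def server_spd(port, addr="192.0.2.10"):
    """Constructed server policies for udp 370 plus one file-server port."""
    return "\n".join(
        f"spdadd 0.0.0.0/0[any] {addr}/32[{p}] udp  # to server\n  -P in {REQ}\n"
        f"spdadd {addr}/32[{p}] 0.0.0.0/0[any] udp\n  -P out {REQ}" for p in (370, port))

def parse(text):
    """Parse spdadd statements; '#' comments are dropped, statements may span lines."""
    return [Policy(*m.groups()) for m in SPDADD.finditer(re.sub(r"#.*", "", text))]

def unmirrored(policies):
    """Policies lacking an opposite-direction twin with swapped selectors."""
    flip = {"in": "out", "out": "in"}
    have = set(policies)
    return [p for p in policies
            if Policy(p.dst, p.dport, p.src, p.sport, p.proto,
                      flip[p.direction], p.rule) not in have]

def ports_missing_on_server(client, server):
    """Ports the client sends to under ESP that no server inbound policy covers."""
    wanted = {p.dport for p in client if p.direction == "out" and p.dport != "any"}
    covered = {p.dport for p in server if p.direction == "in"}
    return sorted(wanted - covered)

if __name__ == "__main__":
    client = parse(CLIENT)
    for port in (2432, 2430):  # 2430 is a deliberately mismatched port
        server = parse(server_spd(port))
        print(port, "unmirrored:", unmirrored(server),
              "missing on server:", ports_missing_on_server(client, server))
```

A port reported as missing means the server would answer that traffic in the clear while the client's inbound `require` policy drops the replies.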