I failed to mentioned CARP interfaces are only IPv4 not IPv6 also, I don't
have vlan. Please help! I can't find any references on how to fix this issue
on google.
Thanks,
From: Motty [mailto:motty.c...@gmail.com]
Sent: Tuesday, July 26, 2016 10:12 AM
To: 'misc@openb
I have two gateways carp between them, recently I notice they bounced back
between them with the following erro:
Jul 26 09:41:11 AN1 /bsd: carp0: state transition: MASTER -> BACKUP
Jul 26 09:41:11 AN1 /bsd: carp3: state transition: MASTER -> BACKUP
Jul 26 09:41:11 AN1 /bsd: carp2: state transiti
configuring ipsec.conf with ipcomp seem to be difficult then I thought.
I enable ipcomp
# sysctl -a | grep ipcomp
net.inet.ipcomp.enable=1
ipcomp is enabled on both gateways. Here is ipsec.conf:
flow ipcomp from 10.10.10.0/24 to 10.10.2.0/24 \
peer 192.168.1.57
ike esp from 10.10.10.0/2
I see the following error in my firewall log:
client limit (100) reached, refusing connection from xx.xxx.x.26 (this
IP is on the firewall interface facing the public)
proxy cannot connect to server xx.xxx.x.48: No route to host
Thanks,
_Motty
Thank you very much!
### RULES FOR FTP
anchor "ftp-proxy/*"
pass in quick inet proto tcp to port ftp divert-to 127.0.0.1 port 8021
pass out inet proto tcp from $ext to any port ftp
worked for me!
On 10/23/2015 11:09 AM, Giancarlo Razzolini wrote:
> Em 23-10-2015 12:58, M
xt
pass out keep state
pass out all
The error I get:
Response:200 Type set to I.
Command:PASV
Response:227 Entering Passive Mode (1,2,3,4,228,236)
Command:LIST
Error:Connection timed out
Error:Failed to retrieve directory listing
please advise!
Thanks,
_Motty
On 10/23/
Hello, I am trying to configure pf.conf (OpenBSD 5.6) to allow clients
to access ftp server using passive mode on my internal network.
network consist of a DSL modem with public IP 1.2.3.4 on the outside and
10.1.10.1 on the inside network. However, the dsl modem does not provide
any security,
Thank you for your suggestion,
I already have connections to peers using isakmpd, am afraid to bring
those connections down to switch over to ipsec.
On 07/11/2015 05:02 PM, carlos albino garcia grijalba wrote:
> use ipsec.conf the new configuration are simple i have connections
> from cisco pee
Hello,
I have a gateway machine OpenBSD 5.5 that won't not initiate connection
to peer. The one way to establish VPN tunnel is if peer ping IP in my
subnet.
in pf.conf
IpsecClients="{ 173.16.2.20/32, 139.19.10.51/32 }"
IpsecHosts="{ 192.16.38.24/27 }"
# IPSec VPN tunnel
pass in on $OUTSIDE
trying to send a community string to our neighbor here is my configuration:
# ISP peer 1 announcements only#
neighbor 19.25.16.13 {
remote-as 7X32
descr "level1"
announce all
set community 7X32:100
tcp md5sig password "passwd2"
}
here is
running the command "route show" does not get the full internet routing
table as I should. However, if I run "bgpctl show rib" I get the full
routing table. Router is routing packets fine, however, I am concern
that something may be wrong.
any explanation as to why this is happening?
# bgpctl
5.5 bpgd.conf.
Thanks
Motty
Hello All,
is actually OpenBSD 4.8 not OpenBSD 5.5, I apologize for the mistake.
I still get the exchange_run: doi->initiator error, not even sure what
to look for.
Thanks,
Motty
On 01/16/2015 01:16 PM, mxb wrote:
Hey,
You probably want to start with ipsec.conf(5).
isakmpd.conf is genera
Thanks Br,
I tried it but did not generated isakmpd for me.
do you have any idea of what "exchange_run: doi->initiator" means?
Thanks,
Motty
On 01/16/2015 01:16 PM, mxb wrote:
Hey,
You probably want to start with ipsec.conf(5).
isakmpd.conf is generated out of ipsec.conf.
I
ks in advance,
-Motty
Thank you Juan,
I appreciate your suggestions and advice.
I am planning on using Dual socket B2 (LGA 1356) supports Intel® Xeon®
processor E5-2400 v2, I suppose i386 would perform better rather than 64bit
amd processor. Thank you again!
Thanks,
Motty
On 11/25/2014 03:01 PM, Juan J. Fernandez
Hello all,
I am searching for hardware to build a router with OpenBSD. I have found
mixed signals as to fastest system with i386 or 64bit. I know in the
past i386 OpenBSD used to perform a lot better than 64bit system.
Any suggestions!
Thanks,
Motty
Thank you all,
I used this command.
ps aux
kill 29309
kill 7908
ps aux
isakmpd -S
sasyncd
Thanks,
On Fri, Jul 25, 2014 at 8:29 AM, Reyk Floeter wrote:
> On Fri, Jul 25, 2014 at 08:17:15AM -0700, motty cruz wrote:
> > Hello, how to reload configuration without restartin
Hello, how to reload configuration without restarting isakmpd?
Thanks,
19 matches
Mail list logo
