hricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Gesendet: Samstag, 7. April 2007 21:31
An: support@pfsense.com
Betreff: Re: AW: [pfSense Support] IPSec connection problem
On 4/7/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
> And another one
> Attached...
>
> Until now
Hmmm... that's sad...
But ok ;-)
Thanks for having a look,
Martin
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Gesendet: Samstag, 7. April 2007 21:31
An: support@pfsense.com
Betreff: Re: AW: [pfSense Support] IPSec connection problem
On 4/7/07, Fuchs, M
On 4/7/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
And another one
Attached...
Until now i tried a bit but without success :-(
It killed my ipsec config ;-)
Unfortunately this is going to require too much refactoring to be able
to make it into 1.2. I have removed the IP Compression box and w
richt-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Gesendet: Samstag, 7. April 2007 02:56
An: support@pfsense.com
Betreff: Re: AW: [pfSense Support] IPSec connection problem
On 4/6/07, Matthew Grooms <[EMAIL PROTECTED]> wrote:
> This means the protocol is enabled in the kernel. If it
On 4/6/07, Matthew Grooms <[EMAIL PROTECTED]> wrote:
This means the protocol is enabled in the kernel. If it was configured
for an IPSEC policy in use, you would see IPCOMP security associations
via 'setkey -D' much the same as ESP or AH security associations. As
traffic passes, the sequence numb
Fuchs, Martin wrote:
It tells me ipcomp tob e enabled:
net.inet.ipcomp.ipcomp_enable: 1
This means the protocol is enabled in the kernel. If it was configured
for an IPSEC policy in use, you would see IPCOMP security associations
via 'setkey -D' much the same as ESP or AH security associatio
in [mailto:[EMAIL PROTECTED]
Gesendet: Samstag, 7. April 2007 00:41
An: support@pfsense.com
Betreff: AW: [pfSense Support] IPSec connection problem
It tells me ipcomp tob e enabled:
net.inet.ipcomp.ipcomp_enable: 1
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
It tells me ipcomp tob e enabled:
net.inet.ipcomp.ipcomp_enable: 1
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Gesendet: Samstag, 7. April 2007 00:25
An: support@pfsense.com
Betreff: Re: [pfSense Support] IPSec connection problem
On 4/6/07, Fuchs, Martin
On 4/6/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
Just in progress :-)
I run a vpn test with ixia qcheck with and without compression and got the
following results:
Compression on: 672,892 Kbps
Compression off: 675,562 Kbps
Hmmm, looks strange to me as i fit would not compress too much !?
: Scott Ullrich [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 6. April 2007 23:32
An: support@pfsense.com
Betreff: Re: [pfSense Support] IPSec connection problem
On 4/6/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
> Just downloaded the new snapshot and tested the following:
>
> Both tunne
On 4/6/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
Just downloaded the new snapshot and tested the following:
Both tunnel-endpoints are pfsense with the latest snapshot
server uncompressed with client compressed: works
server compressed with client uncompressed: works
both server and client se
:-)
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 6. April 2007 20:40
An: support@pfsense.com
Betreff: Re: [pfSense Support] IPSec connection problem
On 4/6/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
> Cool, i'll check...
>
> If the
You're the boss ;-)
Report follows ;-)
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 6. April 2007 20:40
An: support@pfsense.com
Betreff: Re: [pfSense Support] IPSec connection problem
On 4/6/07, Fuchs, Martin <[EMAIL PROTECTED
On 4/6/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
Cool, i'll check...
If the other side does not support compression, it will not be used, the tunnel
will be established anyway, correct ?
Not sure. Try it and report back.
Scott
f: Re: [pfSense Support] IPSec connection problem
On 3/31/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
> Hmmm, sounds interessing...
> Does it work with the stack used in pfsense ? and if yes, will it be
> implemented ?
I must have had a brain fart because we already had support for
On 3/31/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
Hmmm, sounds interessing...
Does it work with the stack used in pfsense ? and if yes, will it be
implemented ?
I must have had a brain fart because we already had support for IPSEC
compression as a hidden option.
I just added a checkbox to
] IPSec connection problem
On 3/31/07, Matthew Grooms <[EMAIL PROTECTED]> wrote:
> IPCOMP is supported. It should work fine with the KAME IPSEC stack. FAST
> IPSEC has issues and is disabled via sysctl by default ...
>
> net.inet.ipcomp.ipcomp_enable: 0
I stand corrected. Learn somet
On 3/31/07, Matthew Grooms <[EMAIL PROTECTED]> wrote:
IPCOMP is supported. It should work fine with the KAME IPSEC stack. FAST
IPSEC has issues and is disabled via sysctl by default ...
net.inet.ipcomp.ipcomp_enable: 0
I stand corrected. Learn something new every day.
Scott
Scott Ullrich wrote:
On 3/30/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
You can add a ping statement tot he ipsec-tunnel so it builds up
immediately...
Compression is not used i presume...
Correct. Compression is not a feature in FreeBSD. If someone would
like to port it from OpenBSD tha
On 3/30/07, Fuchs, Martin <[EMAIL PROTECTED]> wrote:
You can add a ping statement tot he ipsec-tunnel so it builds up immediately...
Compression is not used i presume...
Correct. Compression is not a feature in FreeBSD. If someone would
like to port it from OpenBSD that would be fantastic.
TED]>
To: "Support PfSense"
Sent: Friday, March 30, 2007 2:09 PM
Subject: [pfSense Support] IPSec connection problem
> Hi,
>
>I have two pfsense and trying to do a IPsec tunnel, however I´m having
> no sucess. The two points have static IP´s and first I used the defa
INFO: begin Aggressive mode.
Mar 30 14:15:35 racoon: INFO: respond new phase 1 negotiation:
200.xx.93.210[500]<=>201.xxx.20.10[500]
--
Diego
- Original Message -
From: "Diego Morato" <[EMAIL PROTECTED]>
To: "Support PfSense"
Sent: Friday, March 30, 20
Hi,
I have two pfsense and trying to do a IPsec tunnel, however I´m having
no sucess. The two points have static IP´s and first I used the default
options of the webgui. After I´m followed this doc:
http://doc.m0n0.ch/handbook/ipsec-tunnels.html.
Is there something that need to be allow
23 matches
Mail list logo