>So, how does your IPsec policy look like ? (the one configured in
>/etc/inet/ipsecinit.conf or via ipsecconf(1M))
{laddr kunde003-lan raddr testssg140} ipsec {encr_algs 3des encr_auth_algs sha1
sa shared}
And /etc/init/ike/config:
p1_lifetime_secs 28800
p1_nonce_len 20
p1_xform { auth_method preshared oakley_group 2 auth_alg sha1 encr_alg 3des }
p2_pfs 2
{
label "simple inheritor"
local_addr 192.168.111.0/24
remote_addr 10.1.1.0/24
}
--
This message posted from opensolaris.org
_______________________________________________
security-discuss mailing list
[email protected]
