IPsec - obnova spojeni

Večeřa Antonín antonin.vecera at jme.cz
Fri Mar 5 07:20:28 CET 2004

Previous message: kernel - periodicke volani fce?
Next message: postfix-sendmail
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dobry den vsem pritomnym!
 
Rad bych se zeptal na jednu vec, abych se nesnazil o neco, co treba nejde...
 
Mam IPsec mezi 2 pocitadly.
Na chvili odpojim ethernetovy kabel (popadaji otevrena spojeni) a pak jej zastrcim zpatky (simulace vypadku site..).
IPsec se ale nechce vzpamatovat -nelze otevrit nove spojeni z jednoho PC na druhy !
Proste se to tvari, jako by ten kabel byl stale vytazeny.
Pritom kdyz se podivam pres Ethereal na provoz ethernetu, tak vidim, ze tam chodi pakety ESP protokolu obema smery... :-(
 
Mam neco spatne nastavene nebo se to proste samo nevzpamatuje?
Jak se to chova Vam? 
 
 
Antonin V.
 
 
ipsec.conf
 
spdadd 192.168.0.1 192.168.0.2 any -P in ipsec esp/transport//use;
spdadd 192.168.0.2 192.168.0.1 any -P out ipsec esp/transport//use;

racoon.conf
 
/usr/local/etc/racoon/racoon.conf
 
path pre_shared_key "/usr/local/etc/racoon/psk.txt";
 
remote anonymous {
        exchange_mode aggressive, main;
        lifetime time 24 hour;
        passive on;
        proposal {
                encryption_algorithm 3des;
                hash_algorithm sha1;
                authentication_method pre_shared_key;
                dh_group 2;
        }
}
 
sainfo anonymous {
        lifetime time 12 hour;
        encryption_algorithm aes, 3des;
        authentication_algorithm hmac_sha1, hmac_md5;
        compression_algorithm deflate;
}

Previous message: kernel - periodicke volani fce?
Next message: postfix-sendmail
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list