IPSEC tunnel FreeBSD Freeswan (dlouhe)

[Dan Lukes]

Josef Dvorak napsal/wrote, On 05/31/04 10:09:
> Nicmene zmineny parametr jsem zkusil vyhodit, ale bez efektu. Spis to vypada
> na ten proposal - viz. detailnejsi log:
> 
> 2004-05-31 10:05:03: DEBUG: proposal.c:828:printsaproto():  (proto_id=ESP
> spisize=4 spi=ace5cd20 spi_p=00000000 encmode=Tunnel reqid=0:0)
> 2004-05-31 10:05:03: DEBUG: proposal.c:862:printsatrns():   (trns_id=3DES
> encklen=0 authtype=hmac-md5)
> 2004-05-31 10:05:03: DEBUG: proposal.c:862:printsatrns():   (trns_id=3DES
> encklen=0 authtype=hmac-sha)
> 2004-05-31 10:05:03: DEBUG: proposal.c:828:printsaproto():  (proto_id=IPCOMP
> spisize=2 spi=000041e9 spi_p=00000000 encmode=Tunnel reqid=0:0)
> 2004-05-31 10:05:03: DEBUG: proposal.c:869:printsatrns():
> (trns_id=DEFLATE)
> 2004-05-31 10:05:03: DEBUG: ipsec_doi.c:993:get_ph2approvalx(): my single
> bundle:
> 2004-05-31 10:05:03: DEBUG: proposal.c:828:printsaproto():  (proto_id=ESP
> spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=0:0)
> 2004-05-31 10:05:03: DEBUG: proposal.c:862:printsatrns():   (trns_id=3DES
> encklen=0 authtype=hmac-sha)
> 2004-05-31 10:05:03: ERROR: ipsec_doi.c:1001:get_ph2approvalx(): not matched

	No, me se v te vzdalene nabidce nelibi ten IPCOMP ...

	Uz jen proto, ze udajne ma mit FreesWAN defaultne kompresi zakazanou a 
ja v tom tvem konfiguraku nevidel jeji povoleni.

	Osobne bych za lepsi pokus ted videl explicitne zakazat kompresi na 
strane Linuxu nez se pokouset rozchodit ji na FreeBSD. Coz znamena 
pridat do konfigurace "compress no" a podivat se, co to udela.

	

						Dan



-- 
Dan Lukes     tel: +420 2 21914205, fax: +420 2 21914206
root of  FIONet, KolejNET,  webmaster  of www.freebsd.cz
AKA: dan at obluda.cz, dan at freebsd.cz,dan at kolej.mff.cuni.cz