creating an IPsec SA with ports specified
- From: Jiri Klimes <klimes@xxxxxxxxxx>
- Date: Mon, 19 Dec 2005 10:45:10 +0100
Hello,
I am not able to create an IPsec SA with ports specified.
I've been successful neither with setkey nor programmatically using PF_KEY
messages.
I use linux (kernel 2.6.13)
1) setkey (using version 0.6.4)
add 10.0.11.41[2365] 10.0.11.33[2416] esp 0x10001
-E des-cbc 0x3ffe05014819ffff
-A hmac-md5 "authentication!!";
2) PF_KEY messages
I've set protocol to UDP
And src and dst address populated with ports.
However dumping setkey -Dp, still shows ports zero
10.0.0.11.41[0] 10.0.11.33[0]
esp mode=transport spi=65537(0x00010001) reqid=0(0x00000000)
E: des-cbc 3ffe0501 4819ffff
A: hmac-md5 61757468 656e7469 63617469 6f6e2121
seq=0x00000000 replay=0 flags=0x00000000 state=mature
created: Dec 19 10:18:07 2005 current: Dec 19 10:42:02 2005
diff: 1435(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=0 pid=6581 refcnt=0
What am I doing wrong? Or is there an bug?
Jirka
.
- Follow-Ups:
- Re: creating an IPsec SA with ports specified
- From: VANHULLEBUS Yvan
- Re: creating an IPsec SA with ports specified
- Prev by Date: Re: IP ranges used in North America, Hawaii, and Alaska?
- Next by Date: Re: creating an IPsec SA with ports specified
- Previous by thread: IP ranges used in North America, Hawaii, and Alaska?
- Next by thread: Re: creating an IPsec SA with ports specified
- Index(es):
Relevant Pages
|
