Re: creating an IPsec SA with ports specified
- From: VANHULLEBUS Yvan <vanhu@xxxxxxxxxxxxxx>
- Date: 19 Dec 2005 10:51:18 +0100
Jiri Klimes <klimes@xxxxxxxxxx> writes:
> Hello,
>
> I am not able to create an IPsec SA with ports specified.
> I've been successful neither with setkey nor programmatically using PF_KEY
> messages.
>
> I use linux (kernel 2.6.13)
>
> 1) setkey (using version 0.6.4)
> add 10.0.11.41[2365] 10.0.11.33[2416] esp 0x10001
> -E des-cbc 0x3ffe05014819ffff
> -A hmac-md5 "authentication!!";
What do you want exactly to do by setting up ports ?
If you want to protect traffic for only some ports, then this must be
done in the SPD, not in the SAs.
If you really want to create static SAs to use UDP encapsulation on
ports 2365 -> 2416, then my next question will be "do you really hope
such configuration will work ????"....
Yvan.
.
- Follow-Ups:
- Re: creating an IPsec SA with ports specified
- From: Jiri Klimes
- Re: creating an IPsec SA with ports specified
- References:
- creating an IPsec SA with ports specified
- From: Jiri Klimes
- creating an IPsec SA with ports specified
- Prev by Date: creating an IPsec SA with ports specified
- Next by Date: Re: IP ranges used in North America, Hawaii, and Alaska?
- Previous by thread: creating an IPsec SA with ports specified
- Next by thread: Re: creating an IPsec SA with ports specified
- Index(es):
Relevant Pages
|
