Thread: [Ipsec-tools-devel] Tunnel mode with machines which are directly connected.
From: Raghu <rag...@gm...> - 2009-06-25 07:01:15
Hi,

Is it possible to use tunnel mode with machines which are directly connected?

I have two machines (machine 1: x.y.z.204 and machine 2: x.y.z.241) connected directly with each other. Am using the following policies on machine 1

spdadd x.y.z.204 x.y.z.241 any -P out ipsec esp/tunnel/x.y.z.204-x.y.z.241/require;
spdadd x.y.z.241 x.y.z.204 any -P in ipsec esp/tunnel/x.y.z.241-x.y.z.204/require;

and similar policies with direction modified on machine 2.

However when I do "ping -I x.y.z.204 x.y.z.241" I see no activity with racoon.

Is there anything wrong with my policies? Any help will be appreciated immensely!

Thanks,
Raghu