From: <uri...@op...> - 2005-07-18 16:16:50
Yvan,

Could you provide examples? Numeric SPD and SAD entries for the below configuration - for Transport mode, and for Tunnel mode? In form of "setkey" input (to make it easy to write and easy to read/understand)? I provided concrete IP addresses to make this exercise possible.

Thank you!!

P.S. If necessary to illustrate the point - you may assume LAN to the left of host A and to the right of host B, 9.8.7.0/24 on the left and 9.8.5.0/24 on the right.

Assumptions: host A knows about B only NATr public IP address, host B knows nothing about host A and anything to the left of it.

Host A
Initiator <-----------> NATi <------- Internet ----->
1.2.3.4          1.2.3.254 - 10.0.0.1

                           Host B
-------> NATr <----------> Responder
   11.0.0.2 - 1.2.3.254    1.2.3.8

Responder (host B) runs Racoon. How would it generate SPD (and SAD) entries for IPsec between A and B for Transport mode and for Tunnel mode? What would those SPD entries look like?