|
How to implement IPsec in IPv6 postfix mail server
I start my IPsec use IPsec-tools.I configure two files that are /etc/racoon/racoon.conf and /etc/racoon/setkey.sh.
That is my racoon.conf path include "/etc/racoon"; path pre_shared_key "/etc/racoon/psk.txt"; #path certificate "/etc/racoon/certs"; listen { isakmp 2001:328:2003:2::5; } remote 2001:328:2003:2::10 { exchange_mode main; lifetime time 24 hour; proposal { encryption_algorithm 3des; hash_algorithm md5; authentication_method pre_shared_key; dh_group 2; } } sainfo address 2001:328:2003:2::5 any address 2001:328:2003:2::10 any { lifetime time 1 hour; encryption_algorithm 3des; authentication_algorithm hmac_md5; compression_algorithm deflate; } sainfo address 2001:328:2003:2::10 any address 2001:328:2003:2::5 any { lifetime time 1 hour; encryption_algorithm 3des; authentication_algorithm hmac_md5; compression_algorithm deflate; } include "/etc/racoon/192.168.1.5.conf"; include "/etc/racoon/192.168.1.2.conf"; include "/etc/racoon/2001:328:2003:2::2.conf"; include "/etc/racoon/2001:328:2003:2::10.conf"; my "setkey.sh" #!/sbin/setkey -f flush; spdflush; spdadd 2001:328:2003:2::1 2001:328:2003:2::2 any -P out ipsec esp/transport//require; spdadd 2001:328:2003:2::2 2001:328:2003:2::1 any -P in ipsec esp/transport//require; then i tye setkey -D [root@mailv6 racoon]# setkey -D No SAD entries. Thanks. |
Problem compile kernel to support IPsec
My kernel version is 2.6.15-1.2054_FC5 ,so should I recompile my kernle to support IPsec?
Thanks. |
Look into this url,it may be of some help:
driving traffic not allowed here! |
Please, don't resurrect ancient threads only to promote your own site. This is in violation of the LQ rules:
Quote:
|
| All times are GMT -5. The time now is 08:24 AM. |