Package: ipsec-tools (1:0.8.0-14) I am trying to establish a GRE/IPSEC tunnel over v6. Following is the entry in /etc/ipsec-tools.conf file :
spdadd 2001:470:bb12:200::12 2001:4b8:1::288 gre -P out ipsec esp/transport//require; spdadd 2001:4b8:1::288 2001:470:bb12:200::12 gre -P in ipsec esp/transport//require; In the above case the entries are not getting added to SAD and racoon's phase 1 negotiations are not happening. If I change the protocol from "gre" to "any": spdadd 2001:470:bb12:200::12 2001:4b8:1::288 any -P out ipsec esp/transport//require; spdadd 2001:4b8:1::288 2001:470:bb12:200::12 any -P in ipsec esp/transport//require; In this case SAD is populated and IPSEC tunnels is established. 2014-02-11 15:46:23: INFO: IPsec-SA established: ESP/Transport 2001:4b8:1::288[500]->2001:470:bb12:200::12[500] spi=264498919(0xfc3eee7) 2014-02-11 15:46:23: INFO: IPsec-SA established: ESP/Transport 2001:4b8:1::288[500]->2001:470:bb12:200::12[500] spi=138505741(0x8416e0d) Looking forward to a positive response. Cheers! Abhishek -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
