On 04/01/07, viq <[EMAIL PROTECTED]> wrote:
On the almost-latest snapshots ipsecctl kept dumping core on me when trying to start up the VPN, right now on the newest snapshot available it doesn't, but only IPv6 traffic gets encapsulated. Both boxes are: OpenBSD 4.0-current (GENERIC) #1332: Wed Jan 3 21:24:57 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERICRouter ipsec.conf: ike passive esp from any to any \ main auth hmac-sha1 enc aes group modp2048 \ quick auth hmac-ripemd160 enc aes group modp2048 \ srcid [EMAIL PROTECTED] dstid [EMAIL PROTECTED] Laptop ipsec.conf: ike dynamic esp from egress to any peer keibi.viq.ath.cx \ main auth hmac-sha1 enc aes group modp2048 \ quick auth hmac-ripemd160 enc aes group modp2048 \ srcid [EMAIL PROTECTED] dstid [EMAIL PROTECTED]
After recent fixes in the latest snapshot (i386 #1337) it works fine... At least when the laptop has only IPv4 network available. In my own network, which is IPv6 enabled, only IPv6-in-IPv6 encapsulation happens, all IPv4 traffic doesn't enter the tunnel. Is that a bug, or a feature? -- viq
