D. Hugh Redelmeier wrote:
I probably wrote most of the ISAKMP implementation that you are using
(Pluto, part of FreeS/WAN) if you are using IPSec on an old Linux
system. Many people now use Raccoon instead. I don't know anything
about masquarading ISKAMP (yuck).
Are you intentionally using IPsec? Trying to Masquarade it? Or is
this some kind of accident (eg. a random UDP 500 message being caught by
ipchains)?
Here's an old HowTo that might be useful (I've not tried it).
I think you forgot the link - but I have a slightly different question
anyway...
Do you know if it is possible to connect a linux GRE tunnel to a Cisco
router (that part is easy), then crypto map the GRE packets at the Cisco
physical interface and do something to match on the Linux side so you
end up with normal-looking interfaces on both sides that can do
multicast, routing protocols, etc.? This is common Cisco<->Cisco and
would be equally useful Linux<->Cisco but I don't recall ever seeing any
documentation for doing it that way.
--
Les Mikesell
lesmikesell@xxxxxxxxx
