DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 6th August 2012
xeniades xeniades is offline
New User
 
Join Date: Aug 2012
Posts: 5
Thanked 0 Times in 0 Posts
Unhappy Negotiation of IPsec SA

hi everyone !
nice to see that there is a forum related to openbsd !...

i have only a basic question about the VPN/IPsec implementation in openbsd 4.x - specially for ISAKMP exchanges in phase 2. it seems that this is different from other OS or vendors.
>> does openbsd accept in phase 2 a remote-subnet, which is not configured as a reachable subnet through vpn ? <<
That means subnet A and B should be reached via vpn. A and B is configured on both sides. The client (ex. netscreen) sends also a subnet C to responder (openbsd), and openbsd agreed subnet C in phase 2 even subnet C is not configured in openbsd as vpn remote-subnet.
Or is this just a problem of the configuration of openbsd, isakmpd.conf... ?
thanks a lot for your answer.
vpn is established by mainmode and preshared key.

Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
IPSec VPN configuration? polken OpenBSD Security 8 29th May 2012 08:48 PM
IPsec/pf setup denta OpenBSD Security 1 25th May 2012 09:08 PM
Need Help Please About IPsec wong_baru FreeBSD Security 2 21st June 2010 08:00 AM
ipsec with client nat sicute OpenBSD General 0 30th October 2008 05:39 PM
IPsec on openbsd hitete OpenBSD Installation and Upgrading 1 12th July 2008 01:57 AM


All times are GMT. The time now is 12:35 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick