Negotiation of IPsec SA
hi everyone !
nice to see that there is a forum related to openbsd !...
i have only a basic question about the VPN/IPsec implementation in openbsd 4.x - specially for ISAKMP exchanges in phase 2. it seems that this is different from other OS or vendors.
>> does openbsd accept in phase 2 a remote-subnet, which is not configured as a reachable subnet through vpn ? <<
That means subnet A and B should be reached via vpn. A and B is configured on both sides. The client (ex. netscreen) sends also a subnet C to responder (openbsd), and openbsd agreed subnet C in phase 2 even subnet C is not configured in openbsd as vpn remote-subnet.
Or is this just a problem of the configuration of openbsd, isakmpd.conf... ?
thanks a lot for your answer.
vpn is established by mainmode and preshared key.
|Thread||Thread Starter||Forum||Replies||Last Post|
|IPSec VPN configuration?||polken||OpenBSD Security||8||29th May 2012 08:48 PM|
|IPsec/pf setup||denta||OpenBSD Security||1||25th May 2012 09:08 PM|
|Need Help Please About IPsec||wong_baru||FreeBSD Security||2||21st June 2010 08:00 AM|
|ipsec with client nat||sicute||OpenBSD General||0||30th October 2008 05:39 PM|
|IPsec on openbsd||hitete||OpenBSD Installation and Upgrading||1||12th July 2008 01:57 AM|