[ previous ] [ next ] [ threads ]
 From:  "Bob ." <tempuserone at yahoo dot com>
 To:  monowall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Request help with setkey and exec.php
 Date:  Thu, 29 Dec 2005 09:57:11 -0800 (PST)
I am trying to set use IPsec to transport (not tunnel) between an XP client and Monowall.  Because
the Monowall GUI does not allow setting this up I am trying to to use setkey to establish the
policy. When I enter the setkey commands (see below) in the monowall exec.php page I get the listed
reply.  When I check the status.php there is no entries in the SPD or SAD, just like the commands
did not take.

/usr/sbin/setkey -FP
         (returns $ /usr/sbin/setkey -FP)

/usr/sbin/setkey -F
         (returns $ /usr/sbin/setkey -F)

/usr/sbin/setkey -c spdadd any -P out
         (returns $ /usr/sbin/setkey -c spdadd any -P out)

/usr/sbin/setkey -c ipsec esp/transport/
         (returns $ /usr/sbin/setkey -c ipsec esp/transport/

/usr/sbin/setkey -c spdadd any -P in
         (returns $ /usr/sbin/setkey -c spdadd any -P in)

/usr/sbin/setkey -c ipsec esp/transport/
         (returns $ /usr/sbin/setkey -c ipsec esp/transport/

  I replace in the example with (the ip of the WLAN nic)
  I replace in the example with (the ip of the XP client) 

I have tried adding " ; " to the end of each command and the results are the same.

I would appreciate any help on setting up the transport policy without using the GUI.  Thanks, Bob.

Yahoo! Photos
 Ring in the New Year with Photo Calendars. Add photos, events, holidays, whatever.