Re: [m0n0wall] IPSEC tunnel with several SAs

From:	"Christopher M. Iarocci" <iarocci at eastendsc dot com>
To:	Manuel Kasper <mk at neon1 dot net>
Cc:	m0n0wall at lists dot m0n0 dot ch, ola dot bergqvist at altair dot se
Subject:	Re: [m0n0wall] IPSEC tunnel with several SAs
Date:	Tue, 20 Jan 2004 10:43:08 -0500

Manuel Kasper wrote:

> Christopher M. Iarocci wrote:
>
>> Thank you for the solution to the problem.  Now to get Manuel to 
>> implement it.  :-)  I'm forwarding this on to him also in the hopes 
>> he can find it in his heart to include this in the next release.  :-)
>
>
> Sure, no problem, but can you confirm this: all that is really 
> required is changing "required" to "unique" in the spdadd command? No 
> side effects, no nothing (I'm too lazy to check at the moment - too 
> much going on ;)? It sure doesn't sound like it should cause problems, 
> though... The way it is now you have one SA per policy only anyway.
>
> - Manuel
>
My hacking skills in FreeBSD are VERY lacking, plus I don't have a 
machine to do it on, but it seems that Ola is already trying it out on 
his installation.  Maybe he can let us know how it goes.  Ola??  :-)

Chris