[redhat-lspp] using ah and esp protocols in ipsec
Joy Latten
latten at austin.ibm.com
Mon Oct 16 22:20:46 UTC 2006
Paul,
When ipsec policy is specified as:
spdadd 9.3.189.57 9.3.192.210 any
-ctx 1 1 "system_u:object_r:passwd_t:s3"
-P out ipsec
esp/transport//require ah/transport//require;
Since I specified both esp and ah protocols,
racoon created 4 SAs, 2 for esp and 2 for AH.
All four SAs created had the following security context:
security context: root:sysadm_r:ping_t:s0-s15:c0.c1023
(A ping resulted in the SAs being created.)
Hope this helps. Let me know if there is anything else I
can help with.
Regards,
Joy
More information about the redhat-lspp
mailing list