<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:times new roman,new york,times,serif;font-size:12pt"><div>hello,<br><br>thank's to Mr. Sebastien Decugis for the answer.<br><br>but I still have a problem, when I am change network from Home Network to Foreign Network with IPSec, Binding Update from Mobile Node to Home Agent was sent, but the Home Agent not make a respon, so the Mobile Node can not registered the new CoA to Home Agent. then I try to ping Corresponden Node the messege is "operation is not permitted". then when I try again without IPSec, all node run with no error.<br><br>I am using sa.conf for IPSec:<br><br>##-------------------------------------------------------------<br>## IPsec MN -> HA, CN (BU) and HA, CN -> MN (BA) Transport Mode<br>##-------------------------------------------------------------<br>add 2001:660:4701:5::12 #mobile
node<br> 2001:660:4701:5::1 #home agent<br> esp 0001<br> -m transport<br> -E null<br> -A null;<br>add 2001:660:4701:5::1<br> 2001:660:4701:5::12<br> esp 0002<br> -m transport<br> -E null<br> -A null;<br>##-------------------------------------------------------<br>## IPsec MN -> HA (HoTI) and HA -> MN (HoT) Tunnel Mode<br>##-------------------------------------------------------<br>add 2001:660:4701:5::12<br>
2001:660:4701:5::1<br> esp 0016<br> -m tunnel<br> -E null<br> -A null;<br>add 2001:660:4701:5::1<br> 2001:660:4701:5::12<br> esp 0017<br> -m tunnel<br> -E null<br> -A null;<br><br>I active with:<br>setkey -FP<br>setkey -F<br>setkey -f /usr/local/etc/sa.conf<br><br>is there any wrong?<br><br><br><br><br></div><div style="font-family: times new roman,new york,times,serif; font-size: 12pt;"><br><div style="font-family: arial,helvetica,sans-serif; font-size: 13px;"><font face="Tahoma" size="2"><hr size="1"><b><span style="font-weight: bold;">Dari:</span></b>
"support-request@ml.nautilus6.org" <support-request@ml.nautilus6.org><br><b><span style="font-weight: bold;">Kepada:</span></b> support@ml.nautilus6.org<br><b><span style="font-weight: bold;">Terkirim:</span></b> Minggu, 1 Februari, 2009 09:28:27<br><b><span style="font-weight: bold;">Topik:</span></b> Support Digest, Vol 40, Issue 1<br></font><br>Send Support mailing list submissions to<br> <a ymailto="mailto:support@ml.nautilus6.org" href="mailto:support@ml.nautilus6.org">support@ml.nautilus6.org</a><br><br>To subscribe or unsubscribe via the World Wide Web, visit<br> <a href="http://ml.nautilus6.org/mailman/listinfo/support" target="_blank">http://ml.nautilus6.org/mailman/listinfo/support</a><br>or, via email, send a message with subject or body 'help' to<br> <a ymailto="mailto:support-request@ml.nautilus6.org"
href="mailto:support-request@ml.nautilus6.org">support-request@ml.nautilus6.org</a><br><br>You can reach the person managing the list at<br> <a ymailto="mailto:support-owner@ml.nautilus6.org" href="mailto:support-owner@ml.nautilus6.org">support-owner@ml.nautilus6.org</a><br><br>When replying, please edit your Subject line so it is more specific<br>than "Re: Contents of Support digest..."<br><br><br>Today's Topics:<br><br> 1. IPSec on Homeguy (Brama Subhifajar)<br> 2. Re: IPSec on Homeguy (Sebastien Decugis)<br><br><br>----------------------------------------------------------------------<br><br>Message: 1<br>Date: Sat, 31 Jan 2009 22:04:20 +0800 (SGT)<br>From: Brama Subhifajar <<a ymailto="mailto:first_shaboo@yahoo.com" href="mailto:first_shaboo@yahoo.com">first_shaboo@yahoo.com</a>><br>Subject: [support] IPSec on Homeguy<br>To: <a ymailto="mailto:support@ml.nautilus6.org"
href="mailto:support@ml.nautilus6.org">support@ml.nautilus6.org</a><br>Message-ID: <<a ymailto="mailto:179050.88309.qm@web76308.mail.sg1.yahoo.com" href="mailto:179050.88309.qm@web76308.mail.sg1.yahoo.com">179050.88309.qm@web76308.mail.sg1.yahoo.com</a>><br>Content-Type: text/plain; charset="utf-8"<br><br>hello,<br><br>I try to implementation Mobile IPv6 and I am using homeguy for all node on my network.<br>My implementation using IPsec, and I have trouble:<br><br>when I try to run mip6d I have XFRM error report both on Mobile Node and Home Agent, then I try check on kernel ( security option --> XFRM (IPSec)) I found the option is not marked. so I mark (*) then I recompie the kernel like the instruction on <a href="https://help.ubuntu.com/community/Kernel/Compile#AltBuildMethod" target="_blank">https://help.ubuntu.com/community/Kernel/Compile#AltBuildMethod</a> <br>I was
trying all the tutorial, all process when compiling kernel was sucessed with no error. I reboot computer and login at new kernel. the problem, My implementation is using RADVD for router advertisement when I start error messege is apparmor module is failed to load.. I check again the module,(/lib/module/) I found there is no folder ubuntu and on (/sys/module) there is no folder apparmor. <br><br>I am using homeguy kernel 2.6.22-14-mip6 and repository from <a href="http://software.nautilus6.org/packages/ubuntu" target="_blank">http://software.nautilus6.org/packages/ubuntu</a> gutsy/ <br><a href="http://debian.nctu.edu.tw/ubuntu" target="_blank">http://debian.nctu.edu.tw/ubuntu</a> gutsy/.<br> <br>I think I was wrong on compiling kernel.. <br><br>can somebody help me to make correction from what I did.. or any suggestion how to implementation mobile IPv6 using IPSec..<br><br><br><br><br>sorry if my english
is bad.<br><br>thank's before<br><br><br><br> Bersenang-senang di Yahoo! Messenger dengan semua teman. Tambahkan mereka dari email atau jaringan sosial Anda sekarang! <a href="http://id.messenger.yahoo.com/invite/" target="_blank">http://id.messenger.yahoo.com/invite/</a><br>-------------- next part --------------<br>An HTML attachment was scrubbed...<br>URL: <a href="http://ml.nautilus6.org/pipermail/support/attachments/20090131/a62f4f96/attachment.html" target="_blank">http://ml.nautilus6.org/pipermail/support/attachments/20090131/a62f4f96/attachment.html</a><br><br>------------------------------<br><br>Message: 2<br>Date: Sun, 01 Feb 2009 00:56:36 +0900<br>From: Sebastien Decugis <<a ymailto="mailto:sdecugis@hongo.wide.ad.jp" href="mailto:sdecugis@hongo.wide.ad.jp">sdecugis@hongo.wide.ad.jp</a>><br>Subject: Re: [support] IPSec on Homeguy<br>To: Support ML <<a ymailto="mailto:support@ml.nautilus6.org"
href="mailto:support@ml.nautilus6.org">support@ml.nautilus6.org</a>><br>Message-ID: <<a ymailto="mailto:498474B4.5070604@hongo.wide.ad.jp" href="mailto:498474B4.5070604@hongo.wide.ad.jp">498474B4.5070604@hongo.wide.ad.jp</a>><br>Content-Type: text/plain; charset=UTF-8<br><br>Hello,<br><br>The homeguy live CD was tested successfully with IPsec protection of<br>Mobile IPv6 signaling and payload data (both static and dynamic keying).<br>If you are using it you don't need to recompile the kernel or other<br>components, since they were patched to work smoothly together. You can<br>even use the HAiku software to generate the configuration for your<br>static keying for you.<br><br>If you want to use newer versions, you may need to port some of the<br>patches. You can find a tutorial (almost 1 year ago, situation probably<br>changed) on [1] and probably more up-to-date information on [2].<br><br>Hope it helps...<br>Sebastien.<br><br>[1] <a
href="http://www.nautilus6.org/doc/dk-howto/Howto_dynamic_keying.html" target="_blank">http://www.nautilus6.org/doc/dk-howto/Howto_dynamic_keying.html</a><br>[2] <a href="http://natisbad.org/MIPv6/index.html" target="_blank">http://natisbad.org/MIPv6/index.html</a><br><br><br>Brama Subhifajar a écrit :<br>> hello,<br>> <br>> I try to implementation Mobile IPv6 and I am using homeguy for all <br>> node on my network.<br>> My implementation using IPsec, and I have trouble:<br>> <br>> when I try to run mip6d I have XFRM error report both on Mobile Node<br>> and Home Agent, then I try check on kernel ( security option --> XFRM<br>> (IPSec)) I found the option is not marked. so I mark (*) then I recompie<br>> the kernel like the instruction on <br>> <a href="https://help.ubuntu.com/community/Kernel/Compile#AltBuildMethod"
target="_blank">https://help.ubuntu.com/community/Kernel/Compile#AltBuildMethod</a> <br>> I was trying all the tutorial, all process when compiling kernel was<br>> sucessed with no error. I reboot computer and login at new kernel. the<br>> problem, My implementation is using RADVD for router advertisement when<br>> I start error messege is apparmor module is failed to load.. I check<br>> again the module,(/lib/module/) I found there is no folder ubuntu <br>> and on (/sys/module) there is no folder apparmor.<br>> <br>> I am using homeguy kernel 2.6.22-14-mip6 and repository from<br>> <a href="http://software.nautilus6.org/packages/ubuntu" target="_blank">http://software.nautilus6.org/packages/ubuntu</a> gutsy/<br>> <a href="http://debian.nctu.edu.tw/ubuntu" target="_blank">http://debian.nctu.edu.tw/ubuntu</a> gutsy/.<br>> <br>> I think I was wrong on compiling kernel..<br>>
<br>> can somebody help me to make correction from what I did.. or any<br>> suggestion how to implementation mobile IPv6 using IPSec..<br>> <br>> <br>> <br>> <br>> sorry if my english is bad.<br>> <br>> thank's before<br>> <br>> ------------------------------------------------------------------------<br>> Mencari semua teman di Yahoo! Messenger?<br>> <<a href="http://sg.rd.yahoo.com/id/messenger/trueswitch/mailtagline/*http://id.messenger.yahoo.com/invite/" target="_blank">http://sg.rd.yahoo.com/id/messenger/trueswitch/mailtagline/*http://id.messenger.yahoo.com/invite/</a>><br>> Undang teman dari Hotmail, Gmail ke Yahoo! Messenger dengan mudah sekarang!<br>> <br>> <br>> ------------------------------------------------------------------------<br>> <br>> _______________________________________________<br>> Support mailing list<br>> <a ymailto="mailto:Support@ml.nautilus6.org"
href="mailto:Support@ml.nautilus6.org">Support@ml.nautilus6.org</a><br>> <a href="http://ml.nautilus6.org/mailman/listinfo/support" target="_blank">http://ml.nautilus6.org/mailman/listinfo/support</a><br><br><br>------------------------------<br><br>_______________________________________________<br>Support mailing list<br><a ymailto="mailto:Support@ml.nautilus6.org" href="mailto:Support@ml.nautilus6.org">Support@ml.nautilus6.org</a><br><a href="http://ml.nautilus6.org/mailman/listinfo/support" target="_blank">http://ml.nautilus6.org/mailman/listinfo/support</a><br><br><br>End of Support Digest, Vol 40, Issue 1<br>**************************************<br></div></div></div><br>
<hr size=1> <a href="http://sg.rd.yahoo.com/id/messenger/trueswitch/mailtagline/*http://id.messenger.yahoo.com/invite/"> Menambah banyak teman sangatlah mudah dan cepat.</a><br>Undang teman dari Hotmail, Gmail ke Yahoo! Messenger sekarang!</body></html>