Independent Verification of IPsec Functionality in FreeBSD

David Honig

Revision: 44703
Legal Notice
Last modified on 2014-04-29 21:06:07 by wblock.

You installed IPsec and it seems to be working. How do you know? I describe a method for experimentally verifying that IPsec is working.

[ Split HTML / Single HTML ]

Table of Contents
1. The Problem
2. The Solution
3. The Experiment
4. Caveat
5. IPsec---Definition
6. Installing IPsec
7. src/sys/i386/conf/KERNELNAME
8. Maurer's Universal Statistical Test (for block size=8 bits)

1. The Problem

First, lets assume you have installed IPsec. How do you know it is working? Sure, your connection will not work if it is misconfigured, and it will work when you finally get it right. netstat(1) will list it. But can you independently confirm it?

All FreeBSD documents are available for download at

Questions that are not answered by the documentation may be sent to <>.
Send questions about this document to <>.