Date: Thu, 8 Nov 2001 15:45:02 -0800 (PST) From: Will Froning <wfroning@angui.sh> To: <freebsd-questions@freebsd.org> Subject: IPsec w/ Sonicwall Message-ID: <20011108152140.F24612-100000@angui.sh>
next in thread | raw e-mail | index | archive | help
OS: FreeBSD4.3 and SonicWall VPN I've been trying to setup FreeBSD IPsec to work with SonicWall, but I keep running into issues. I've tried it with manual keys and also with IKE (racoon). Neither work. When I set-up the account on the SonicWall for manual keys DES HMAC_MD5, for DES it's a 16 digit key and HMAC_MD5 it's a 32 digit key. When I looked in the FBSD handbook for IPsec, it also claimed DES to be 16, but Setkey still complains. If there is some obvious thing I'm doing wrong, please inform me. If there is not enough info, please ask. I need to have this setup for my office guys. If you need output from my Racoon sessions, just ask. Please cc me on the reply as I'm not on the list. Thanks, Will When I try to configure setkey I get this: ipsec.sh: #!/bin/sh gifconfig gif0 XXX.XXX.XXX.158 XXX.XXX.XXX.131 ifconfig gif0 inet XXX.XXX.XXX.158 192.168.1.0 netmask 255.255.0.0 setkey -FP setkey -F setkey -vc << EOF spdadd XXX.XXX.XXX.158/32 192.168.1.0/16 any -P out ipsec esp/tunnel/XXX.XXX.XXX.158-XXX.XXX.XXX.131/require; spdadd 192.168.1.0/16 XXX.XXX.XXX.158/32 any -P in ipsec esp/tunnel/XXX.XXX.XXX.131-XXX.XXX.XXX.158/require; add XXX.XXX.XXX.158 XXX.XXX.XXX.131 esp 822577 -m tunnel -E des-cbc "WWWWWWWWIIILLLLL" -A hmac-md5 "SECRETKEYSECRETKEYSECRETKEYSECRE" ; add XXX.XXX.XXX.131 XXX.XXX.XXX.158 esp 577822 -m tunnel -E des-cbc "WWWWWWWWIIILLLLL" -A hmac-md5 "SECRETKEYSECRETKEYSECRETKEYSECRE" ; wfroning# ./ipsec.sh line 5: Invalid key length at [WWWWWWWWIIILLLLL] parse failed, line 5. -- Will Froning Unix Sys. Admin. wfroning@angui.sh To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011108152140.F24612-100000>