From owner-freebsd-net@FreeBSD.ORG  Thu Nov 17 14:57:34 2005
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E0D6916A41F
	for <freebsd-net@freebsd.org>; Thu, 17 Nov 2005 14:57:34 +0000 (GMT)
	(envelope-from volker@vwsoft.com)
Received: from gwfra.elbekies.net (tce71.tce85.de [195.145.102.20])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6C53C43D46
	for <freebsd-net@freebsd.org>; Thu, 17 Nov 2005 14:57:34 +0000 (GMT)
	(envelope-from volker@vwsoft.com)
Received-SPF: pass (gwfra.elbekies.net: domain of vwsoft.com designates
	84.245.169.96 as permitted sender) client-ip=84.245.169.96;
	envelope-from=volker@vwsoft.com; helo=mail.vtec.ipme.de; 
Received: from mail.vtec.ipme.de (84-245-169-96.ipool.celox.de [84.245.169.96])
	by gwfra.elbekies.net (Postfix) with ESMTP id C445D17028
	for <freebsd-net@freebsd.org>; Thu, 17 Nov 2005 15:57:17 +0100 (CET)
Received: from [127.0.0.1] (cesar.sz.vwsoft.com [192.168.16.3])
	by mail.vtec.ipme.de (Postfix) with ESMTP id 08F7A5C0E;
	Thu, 17 Nov 2005 14:09:17 +0100 (CET)
Message-ID: <437C808F.5070905@vwsoft.com>
Date: Thu, 17 Nov 2005 14:07:27 +0100
From: Volker <volker@vwsoft.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
	rv:1.7.10) Gecko/20050716 Thunderbird/1.0.6 Mnenhy/0.6.0.101
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: asko <asko_nospam@ultrasoft.ee>
References: <20051117120044.4DB5516A434@hub.freebsd.org>
In-Reply-To: <20051117120044.4DB5516A434@hub.freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-VWSoft-MailScanner: Found to be clean
X-TarmacIntl-MailScanner: Found to be clean
X-MailScanner-From: volker@vwsoft.com
Cc: freebsd-net@freebsd.org
Subject: Re: IPSEC, Watchguard SOHO 6tc and racoon
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Nov 2005 14:57:35 -0000

> 
> Hi,
> 
> Has anyone successfully connected Watchguard SOHO 6tc to FreeBSD with 
> IPSEC. I am not able to get pass phase 1 during key exchange..
> 
[snip]
> 
> $cat vpn1.sh
> setkey -FP
> setkey -F
> #
> # Configure the Policy
> #
> setkey -c << END
> spdadd 192.168.8.185/32 192.168.3.0/24 any -P out ipsec
>  esp/tunnel/192.168.8.185-192.168.8.154/require;
> spdadd 192.168.3.0/24 192.168.8.185/32 any -P in ipsec
>  esp/tunnel/192.168.8.154-192.168.185/require;
> END
> #
> 

Asko,

please correct your typo:
 >  esp/tunnel/192.168.8.154-192.168.185/require;
should be:
   esp/tunnel/192.168.8.154-192.168.8.185/require;
                                                                ^^^^^^

Regards,

Volker