From: Adam Bayless
To: freebsd-questions@freebsd.org
Date: Wed, 08 Oct 2003 09:15:12 -0600
Subject: Re: IPsec with racoon

Rick,

Thanks for the suggestion, but it is a publicly routable address. It
actually appears to be getting all of phase 1 complete and most of phase 2
but just never passes any traffic across the VPN tunnel itself, so I am
past the basic connectivity issues.

Anyone else have any thoughts?

Thanks,

Adam

At 03:06 PM 10/7/2003, rduvall@onlinehighways.net wrote:
> Is the external IP address of your VPN device an internet routable IP
> address? I know that if you are on an ADSL without static IP (like Qwest
> or MSN adsl) the IP address that is automatically assigned via DHCP by
> the DSL modem is private IP space, and therefore your VPN will not work.
> I resorted to getting an Alcatel Speedtouch USB modem and plugging it
> into a FreeBSD box for my Qwest MSN and set my VPN to go between the 2
> FreeBSD boxes. This gave my firewall/gateway a real IP address. Granted,
> it is dynamic and I have to change my vpn every time my IP address gets
> re-negotiated, but at least it works. I am trying to figure out a way to
> dynamically change the VPN config on both ends when ppp comes up so I
> don't have to do it manually.
>
> Sincerely,
>
> Rick Duvall
>
> --- Adam Bayless wrote:
> > I've followed a couple of the tutorials available on the web,
> > including the one in the FreeBSD manual, for setting up an IPsec
> > tunnel between two FreeBSD machines, but I am trying to connect to a
> > Netgear VPN device. I'm getting past phase 1 and getting an SA but the
> > traffic will not flow.
> >
> > Without quoting every piece of config, does anybody have any pointers
> > on what might differ between the tutorials on FreeBSD <-> FreeBSD and
> > talking to a VPN device?
> >
> > Thanks,
> >
> > Adam
> >
> > ------------------------------------------------------------
> > Adam Bayless                | vi /etc/mail/aliases
> > Fibernet System Janitor     | complaints: /dev/null
> > adam@baylessfamily.org      | :wq
> > baylessfamily.org/~abayless | newaliases
> > ------------------------------------------------------------

------------------------------------------------------------
Adam Bayless                | vi /etc/mail/aliases
Fibernet System Janitor     | complaints: /dev/null
adam@baylessfamily.org      | :wq
baylessfamily.org/~abayless | newaliases
------------------------------------------------------------