From owner-freebsd-questions@FreeBSD.ORG  Thu Sep 13 16:50:57 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DCCB016A41B
	for <freebsd-questions@FreeBSD.org>;
	Thu, 13 Sep 2007 16:50:57 +0000 (UTC)
	(envelope-from xfb52@dial.pipex.com)
Received: from astro.systems.pipex.net (astro.systems.pipex.net [62.241.163.6])
	by mx1.freebsd.org (Postfix) with ESMTP id 9672B13C467
	for <freebsd-questions@FreeBSD.org>;
	Thu, 13 Sep 2007 16:50:57 +0000 (UTC)
	(envelope-from xfb52@dial.pipex.com)
Received: from [192.168.23.2] (62-31-10-181.cable.ubr05.edin.blueyonder.co.uk
	[62.31.10.181])
	by astro.systems.pipex.net (Postfix) with ESMTP id 7440EE00074D;
	Thu, 13 Sep 2007 17:50:55 +0100 (BST)
Message-ID: <46E96A6F.1090703@dial.pipex.com>
Date: Thu, 13 Sep 2007 17:50:55 +0100
From: Alex Zbyslaw <xfb52@dial.pipex.com>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-GB; rv:1.7.13) Gecko/20061205
X-Accept-Language: en
MIME-Version: 1.0
To: ckd ckd <ckd35510@gmail.com>
References: <3f02670709130733g7bc53e2ai76b50dec412543ac@mail.gmail.com>
In-Reply-To: <3f02670709130733g7bc53e2ai76b50dec412543ac@mail.gmail.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@FreeBSD.org
Subject: Re: vpn which freeBSD 6.2
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Sep 2007 16:50:57 -0000

ckd ckd wrote:

>Hi,
>
>i tryed to make a VPN between 2 freeBSD 6.2 like this :
>----10.0.1.0/24 ---GW1: 10.0.0.1 ============= 10.0.0.2 GW2 --- 10.0.2.0/24
>whith GENERIC kernel i can ping from either subnet.
> i compiled  a custom kernel with options IPSEC and IPSEC_ESP .
>the ping dont work ?
>  
>
You don't mention having installed e.g. racoon (in security/ipsec-tools) 
so you don't have any software to actually set up and negotiate a tunnel.

AFAIK, IPSEC and IPSEC_ESP are just options to enable those specific 
protocols, but you still need software to do IKE and all the other 
acronyms that VPN comes with.

Here's a bunch of links I found useful when setting up VPN:

http://www.mail-archive.com/freebsd-net@freebsd.org/msg19089.html

http://www.lacave.net/~fred/racoon/config.html

http://www.netbsd.org/docs/network/ipsec/

--Alex