From owner-freebsd-questions  Wed Jun 27 11:48:31 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from corleone.idealab.com (mx2.idealab.com [64.208.8.4])
	by hub.freebsd.org (Postfix) with SMTP id 15DE737B406
	for <questions@freebsd.org>; Wed, 27 Jun 2001 11:48:29 -0700 (PDT)
	(envelope-from jim@compete.com)
Received: (qmail 23205 invoked by alias); 27 Jun 2001 18:48:28 -0000
Received: (qmail 23164 invoked from network); 27 Jun 2001 18:48:28 -0000
Received: from unknown (HELO cartman.boston.geekhouse.net) (10.5.1.109)
  by corleone.idealab.com with SMTP; 27 Jun 2001 18:48:28 -0000
Received: by cartman.boston.geekhouse.net (Postfix, from userid 1000)
	id 5F6DD3219; Wed, 27 Jun 2001 14:48:27 -0400 (EDT)
Date: Wed, 27 Jun 2001 14:48:27 -0400
From: Jim Mock <jim@compete.com>
To: Gavin Kenny <gavinkenny@yahoo.co.uk>
Cc: questions@freebsd.org
Subject: Re: VPN setup
Message-ID: <20010627144827.A3306@cartman.boston.geekhouse.net>
Reply-To: jim@compete.com
References: <20010627164434.51128.qmail@web20006.mail.yahoo.com> <20010627125905.A2424@cartman.boston.geekhouse.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010627125905.A2424@cartman.boston.geekhouse.net>
User-Agent: Mutt/1.3.19i
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Wed, 27 Jun 2001 at 12:59:05 -0400, Jim Mock wrote:
> On Wed, 27 Jun 2001 at 17:44:34 +0100, Gavin Kenny wrote:
> > Jim,
> > 
> > Have you set up the Security Associations?
> > 
> > you have used spdadd which sets up you security policy (i.e. if you
> > want to send a packet from A to B encrypt it)
> > 
> > But you also need the SA's to tell IPSec what algorythms to use and
> > what keys to use. It is dead easy if you are prepared to set them up
> > manually, lots harder if you want to use IKE (so I'm told).
> 
> Ah ha.  I didn't do that.  I wouldn't even have posted if I saw the
> link to the diary article (that's what I get for not reading my mail
> first, I guess :-).
> 
> Thanks for the tip.

Ok, after reading through the diary article, I scrapped what I had
before and decided to follow it.  The only difference between my setup
and the setup in the diary is the VPN IPs.  For the machine here, I used
192.168.1.254, and for the machine in SF I used 192.168.3.254.  I can't
ping either from either machine.  Is this normal?

- jim

-- 
- jim mock <jim@compete.com>      www.compete.com - jim@FreeBSD.org -
- senior systems administrator - Compete, Inc. - ph: 1.617.867.7035 -

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message