Date: Wed, 01 Feb 2006 10:34:22 -0200
From: Tiago Cruz <tiagocruz@b4br.net>
To: "freebsd-net@FreeBSD.org" <freebsd-net@FreeBSD.org>
Cc: irado@hotpop.com
Subject: Re: IPSEC documentation
Message-ID: <1138797262.26667.37.camel@localhost.localdomain>
In-Reply-To: <20060120215333.GA48603@uk.tiscali.com>
References: <20051228143817.GA6898@uk.tiscali.com>
 <001401c60bc0$a3c87e90$1200a8c0@gsicomp.on.ca>
 <20051228153106.GA7041@uk.tiscali.com>
 <20051228164339.GB3875@zen.inc>
 <43B38747.1060906@iteranet.com>
 <20051229122549.GA11055@uk.tiscali.com>
 <20060120215333.GA48603@uk.tiscali.com>

Hello to all, good morning.

I wrote a little article about VPNs in FreeBSD, called "VPN Solutions
integrating Linux, FreeBSD and Windows":

http://www.linuxrapido.org/modules.php?name=Sections&op=viewarticle&artid=95

Well, I couldn't see the start of this thread, but I have some things to
add to this handbook documentation:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html

First of all, many thanks for this documentation, because it is very good.

1-) "Note: In FreeBSD 5.X, the functionality provided by the gifconfig(8)
utility has been merged into ifconfig(8)."

But we don't have any example of how to do this. A little bit of example
would help many people, like this:

FreeBSD 4.x:

    gifconfig gif0 A.B.C.D W.X.Y.Z
    ifconfig gif0 inet 192.168.1.1 192.168.2.1 netmask 0xffffffff

FreeBSD 5.x and above:

    ifconfig gif0 create
    ifconfig gif0 tunnel A.B.C.D W.X.Y.Z
    ifconfig gif0 inet 192.168.1.1 192.168.2.1 netmask 255.255.252.0

2-) How can I tell that racoon is working?

Please, could you talk about the "setkey -a -D" command, before and after
a ping between hosts.

3-) A little script to help us:

We wrote a small stupid-simple script to put in /usr/local/etc/rc.d:

============================================
#!/bin/sh
# Script to start the VPN Oct/2005
# Irado furious with all (irado at globecom.net)
# Tiago Cruz (tiagocruz at linuxrapido.org)

# Public tunnel endpoints, inner gateway addresses and protected networks
ip_OF_THERE="200.000.000.001"
ip_HERE="200.000.000.002"
gateway_OF_THERE="192.168.0.1"
gateway_HERE="192.168.2.1"
net_OF_THERE="192.168.0.0"
net_HERE="192.168.2.0"
mask="255.255.255.0"

case ${1} in
start)
    echo "Inicializando VPN..."
    # Create the gif tunnel and route the remote network through it
    /sbin/ifconfig gif0 create
    /sbin/ifconfig gif0 tunnel ${ip_HERE} ${ip_OF_THERE}
    /sbin/ifconfig gif0 inet ${gateway_HERE} ${gateway_OF_THERE} netmask ${mask}
    /sbin/route add -net ${net_OF_THERE} -netmask ${mask} ${gateway_OF_THERE}
    # Load the IPsec policies, start the IKE daemon, reload the firewall rules
    /usr/sbin/setkey -f /etc/ipsec.conf
    /usr/local/sbin/racoon
    pfctl -f /etc/pf.conf
    ;;
stop)
    echo "Finishing VPN..."
    /sbin/ifconfig gif0 destroy
    /sbin/route delete -net ${net_OF_THERE} -netmask ${mask} ${gateway_OF_THERE}
    killall racoon
    ;;
*)
    echo "Use 'vpn start' ou 'vpn stop'!"
    ;;
esac

exit 0
============================================

Hope this helps.

--
Tiago Cruz
http://linuxrapido.org
Linux User #282636

"The box said: Requires MS Windows or better, so I installed Linux"
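
Added example (not part of the original message or of the handbook): one way to turn the "setkey -a -D before and after a ping" check from item 2 into a script that reports whether racoon has negotiated mature ESP SAs in both directions. The function names, the 203.0.113.x addresses and the abbreviated dump text are constructed, and the parser assumes the usual setkey layout of a "src dst" header line followed by indented attribute lines carrying a state= field.

```shell
#!/bin/sh
# Added example: decide from `setkey -a -D` output whether racoon has
# negotiated usable ESP SAs in both directions between two endpoints.
# Addresses and dump text below are constructed; key lines are omitted.

LOCAL="203.0.113.2"    # assumed stand-in for ip_HERE
REMOTE="203.0.113.1"   # assumed stand-in for ip_OF_THERE

# Count mature ESP SAs from $1 to $2 in a dump read on stdin.
count_mature_sa() {
    awk -v src="$1" -v dst="$2" '
        /^[^ \t]/ { hit = ($1 == src && $2 == dst); esp = 0; next }  # "src dst" header
        hit && $1 == "esp" { esp = 1 }
        hit && esp && /state=mature/ { n++ }   # skips larval/dying/dead
        END { print n + 0 }
    '
}

# Succeeds only if a mature SA exists in each direction.
tunnel_is_up() {
    dump=$(cat)
    n_out=$(printf '%s\n' "$dump" | count_mature_sa "$1" "$2")
    n_in=$(printf '%s\n' "$dump" | count_mature_sa "$2" "$1")
    [ "$n_out" -ge 1 ] && [ "$n_in" -ge 1 ]
}

sample_before() {   # before any traffic: racoon has negotiated nothing
    echo "No SAD entries."
}

sample_after() {    # after a ping: one fresh pair plus an expired SA
    cat <<'EOF'
203.0.113.2 203.0.113.1
    esp mode=tunnel spi=190071617(0x0b544341) reqid=0(0x00000000)
    seq=0x00000004 replay=4 flags=0x00000000 state=mature
203.0.113.1 203.0.113.2
    esp mode=tunnel spi=83102421(0x04f40ad5) reqid=0(0x00000000)
    seq=0x00000004 replay=4 flags=0x00000000 state=mature
203.0.113.1 203.0.113.2
    esp mode=tunnel spi=41975(0x0000a3f7) reqid=0(0x00000000)
    seq=0x00000000 replay=4 flags=0x00000000 state=dead
EOF
}

for s in before after; do
    if "sample_$s" | tunnel_is_up "$LOCAL" "$REMOTE"; then r=up; else r=down; fi
    echo "$s ping: tunnel $r"
done
```

On a live gateway the same check would read the real dump, for example: setkey -a -D | tunnel_is_up "$ip_HERE" "$ip_OF_THERE" (run as root). Because -a also lists dead entries, filtering on state=mature keeps expired SAs from being counted as a working tunnel.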