Date: Wed, 18 May 2005 12:00:23 +0100 From: Daren Russell <darenr@end-design.co.uk> To: freebsd-questions@freebsd.org Subject: Re: IPSec and Racoon between 5.4 and 4.11 Message-ID: <d6f769$ac7$1@sea.gmane.org> In-Reply-To: <d6a1fg$pf1$1@sea.gmane.org> References: <d6a1fg$pf1$1@sea.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Daren Russell wrote: > Hi, > > We have a VPN between two FBSD machines using IPSEC and Racoon. I > managed to put this together a couple of years back with (getting) old > hardware, although I am certainly no expert. One of the machines is > about to be replaced as it is occasionally conking out, and I though I > would try the 5.4 release on the new hardware (both existing machines > are running 4.9) > > I have setup internally the layout and effectively replicated the > configs of both machines (except for the one being 5.4, and a second > running 4.11 instead of 4.9), but I cannot get them talking. The > configs for Racoon/IPSec/psk have been transferred over with zero > changes. The 5.4 machine is using standard IPSEC (not FAST_IPSEC), and > a standard tunnel works fine. It's as soon as IPSec/Racoon is brought > in that it falls over. > > Has anybody got 5.4 <-> 4.11 talking in this config, or does anybody > know of any pitfalls because of kernel changes? > > The only other thing is the 5.4 machine is running amd64. > Just as a follow up for the archives: I re-installed using the i386 arch (the machine was amd64) and with the exact same config files, the VPN came straight up. I guess there is an issue with running racoon on amd64 at the moment. Maybe this will help anybody else considering this setup. Regards Daren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d6f769$ac7$1>