From owner-freebsd-security@FreeBSD.ORG Tue May 24 07:24:49 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 336F516A41C for ; Tue, 24 May 2005 07:24:49 +0000 (GMT) (envelope-from e-masson@kisoft-services.com) Received: from kraid.nerim.net (smtp-102-tuesday.nerim.net [62.4.16.102]) by mx1.FreeBSD.org (Postfix) with ESMTP id 80B7F43D49 for ; Tue, 24 May 2005 07:24:47 +0000 (GMT) (envelope-from e-masson@kisoft-services.com) Received: from srvbsdnanssv.interne.kisoft-services.com (kisoft.net1.nerim.net [62.212.107.51]) by kraid.nerim.net (Postfix) with ESMTP id 9A8D440F46; Tue, 24 May 2005 09:24:45 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by srvbsdnanssv.interne.kisoft-services.com (Postfix) with ESMTP id C0034C478; Tue, 24 May 2005 09:24:51 +0200 (CEST) Received: from srvbsdnanssv.interne.kisoft-services.com ([127.0.0.1]) by localhost (srvbsdnanssv.interne.kisoft-services.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 43899-03; Tue, 24 May 2005 09:24:43 +0200 (CEST) Received: by srvbsdnanssv.interne.kisoft-services.com (Postfix, from userid 1001) id 11A97C352; Tue, 24 May 2005 09:24:43 +0200 (CEST) To: Jeremie Le Hen From: Eric Masson In-Reply-To: <20050523214636.GG850@obiwan.tataz.chchile.org> (Jeremie Le Hen's message of "Mon, 23 May 2005 23:46:36 +0200") References: <20050523122742.49622.qmail@web8508.mail.in.yahoo.com> <20050523214636.GG850@obiwan.tataz.chchile.org> X-Operating-System: FreeBSD 5.4-RELEASE i386 Date: Tue, 24 May 2005 09:24:43 +0200 Message-ID: <86oeb13x38.fsf@srvbsdnanssv.interne.kisoft-services.com> User-Agent: Gnus/5.1006 (Gnus v5.10.6) XEmacs/21.4 (Jumbo Shrimp, berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 8bit X-Virus-Scanned: amavisd-new at interne.kisoft-services.com Cc: freebsd-security@freebsd.org, mohan chandra Subject: Re: How to setup IPSec tunnel between FreeBSD and Linux systems...? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 May 2005 07:24:49 -0000 Jeremie Le Hen writes: > FreeBSD uses either KAME IPSec or OpenBSD IPSec (known as Fast-IPSec). > As far as I can tell, they are mostly compatible. No interop problem known here with pre shared keys. > Since the daemons and configuration tools are the same now in BSD and > Linux, I think this should not bring to much pain to you to make them > work together. >From what i've read, Kame racoon seems to be deprecated in favor of ipsec-tools racoon, Larry Baird & Yvan Vanhullebus are working on NAT-T support on FreeBSD (patches available on ipsec-tools website) and merge into HEAD seems to be on the way. Regards Éric Masson -- Par l'exemple, tester si déjà présent, le charger, le décharger... -+- Joe in: - Change pas de main -+-