From owner-freebsd-net@FreeBSD.ORG Fri Jun 16 03:44:02 2006 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 91EF716A47E for ; Fri, 16 Jun 2006 03:44:02 +0000 (UTC) (envelope-from mv@thebeastie.org) Received: from p4.roq.com (ns1.ecoms.com [207.44.130.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2FA0B43D48 for ; Fri, 16 Jun 2006 03:43:59 +0000 (GMT) (envelope-from mv@thebeastie.org) Received: from p4.roq.com (localhost.roq.com [127.0.0.1]) by p4.roq.com (Postfix) with ESMTP id EB6834CAF5 for ; Fri, 16 Jun 2006 03:44:08 +0000 (GMT) Received: from vaulte.jumbuck.com (ppp166-27.static.internode.on.net [150.101.166.27]) by p4.roq.com (Postfix) with ESMTP id 8E4E54CAAB for ; Fri, 16 Jun 2006 03:44:08 +0000 (GMT) Received: from vaulte.jumbuck.com (localhost [127.0.0.1]) by vaulte.jumbuck.com (Postfix) with ESMTP id 812898A01F for ; Fri, 16 Jun 2006 13:43:55 +1000 (EST) Received: from [192.168.46.102] (unknown [192.168.46.250]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by vaulte.jumbuck.com (Postfix) with ESMTP id 754418A00D for ; Fri, 16 Jun 2006 13:43:55 +1000 (EST) Message-ID: <449228FA.50303@thebeastie.org> Date: Fri, 16 Jun 2006 13:43:54 +1000 From: Michael Vince User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.7.12) Gecko/20060404 X-Accept-Language: en-us, en MIME-Version: 1.0 To: net@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP X-Virus-Scanned: ClamAV using ClamSMTP Cc: Subject: VPN with FAST_IPSEC and ipsec tools X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Jun 2006 03:44:02 -0000 Hey all. I have been trying to setup a VPN between 2 FreeBSD hosts, but I can't get any IKE exchange activity via ipsec tools happening. I used this script http://thebeastie.org/projects/vpnsetup/vpnsetup.pl which I created for my self to help me remember all the knobs, its been about a year since I last did a VPN and I am finding that with FAST_IPSEC (haven't tested yet with other IPSec) and with FreeBSD 6.1release that I am not getting any IKE exchange activity including any kind of attempts for the VPNs to connect to each other, it just appear that ipsec-tools doesn't identify any interesting traffic that I set, I am guessing its something to do with FAST_IPSEC but I am not sure. I have setup the GRE tunneling and that is working fine doing pings and tracerts when I disable ipsec and ipsec-tools, its just the encryption side thats the problem. Can any one help? Thanks Mike