From owner-freebsd-security Wed Mar 6 0:16:59 2002 Delivered-To: freebsd-security@freebsd.org Received: from fe170.worldonline.dk (fe170.worldonline.dk [212.54.64.199]) by hub.freebsd.org (Postfix) with SMTP id D50A337B402 for ; Wed, 6 Mar 2002 00:16:40 -0800 (PST) Received: (qmail 7285 invoked by uid 0); 6 Mar 2002 08:16:38 -0000 Received: from 213.237.14.128.adsl.ho.worldonline.dk (HELO dpws) (213.237.14.128) by fe170.worldonline.dk with SMTP; 6 Mar 2002 08:16:38 -0000 Message-ID: <001801c1c4e7$39156f00$0301a8c0@dpws> From: "Dennis Pedersen" To: "Shao Hui" Cc: References: <005701c1c432$ff531b50$0301a8c0@dpws> <20020305202455H.sakane@kame.net> <008801c1c43c$0a09a290$0301a8c0@dpws> <3C84D014.D8DFE65C@centtech.com> <00cd01c1c450$4d627350$0301a8c0@dpws> <3C84D75B.C9E415FF@centtech.com> <011b01c1c45b$7721dae0$0301a8c0@dpws> <3C84E7F6.44D54DD9@centtech.com> <00f501c1c4bc$6efc5190$ce00a8c0@fs> Subject: Re: Racoon/sainfo - 'no policy found' Date: Wed, 6 Mar 2002 09:16:27 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Dynamic IP is a real b*** On the net list the was posted a link. It can solve the problem with dynaminc IP but it is'nt pretty ;) /Dennis ----- Original Message ----- From: "Shao Hui" To: ; "Dennis Pedersen" Cc: Sent: Wednesday, March 06, 2002 4:10 AM Subject: Re: Racoon/sainfo - 'no policy found' > can you tell me how you configure your vpn? I am working on such a vpn too. > the SGM has public ip, and the SG1 and SG2 have only dynamic ip. both SG1 > and SG2 can connect to SGM, but how to make SG1 connect SG2? > > thanks! > > ----- Original Message ----- > From: "Eric Anderson" > To: "Dennis Pedersen" > Cc: > Sent: Tuesday, March 05, 2002 11:44 PM > Subject: Re: Racoon/sainfo - 'no policy found' > > > > Yes, I am using Racoon.. with ipnat and ipfilter. > > > > Eric > > > > > > Dennis Pedersen wrote: > > > > > > Okai that was'nt so bad. > > > are you using racoon or what other deamon or you using? > > > > > > Regards, > > > Dennis > > > ----- Original Message ----- > > > From: "Eric Anderson" > > > To: "Dennis Pedersen" > > > Cc: > > > Sent: Tuesday, March 05, 2002 3:34 PM > > > Subject: Re: Racoon/sainfo - 'no policy found' > > > > > > > We have a T1, and when the T1 is full with people using the vpn's (which > > > barely > > > > ever happens), the load is only slightly noticeable on the work server. > > > All > > > > vpn's are always connected. bsdsar shows the machine about 95% idle > > > throughout > > > > the day. > > > > > > > > Eric > > > > > > > > > > > > Dennis Pedersen wrote: > > > > > > > > > > ----- Original Message ----- > > > > > From: "Eric Anderson" > > > > > Sent: Tuesday, March 05, 2002 3:03 PM > > > > > Subject: Re: Racoon/sainfo - 'no policy found' > > > > > > > > > > > I have about 60 vpn's connected to one host right now, all using cable > > > > > modems, > > > > > > ADSL, or SDSL connections. All work well, and are fast. It barely > > > uses > > > > > any > > > > > > ram, and I have a VIA C3 600MHz (Celeron 600MHz equivalent) as the > > > > > "server" (or > > > > > > at the main office), which is overkill for its needs. > > > > > > > > > > Okai sweet.. > > > > > What about CPU load in peek? > > > > > Are all 60 vpns connected at the same time? > > > > > What speed do you have at the office? > > > > > > > > > > I'm looking for some guidelines about how big my box at the Main should > > > be > > > > > :) > > > > > > > > > > /Dennis > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > -- > > > > ------------------------------------------------------------------ > > > > Eric Anderson Systems Administrator Centaur Technology > > > > If at first you don't succeed, sky diving is probably not for you. > > > > ------------------------------------------------------------------ > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > -- > > ------------------------------------------------------------------ > > Eric Anderson Systems Administrator Centaur Technology > > If at first you don't succeed, sky diving is probably not for you. > > ------------------------------------------------------------------ > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message