From owner-freebsd-net@FreeBSD.ORG  Mon Apr 18 13:42:21 2005
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5A76116A4DA
	for <net@freebsd.org>; Mon, 18 Apr 2005 13:42:21 +0000 (GMT)
Received: from tibor.swiftdsl.com.au (tibor.swiftdsl.com.au [202.154.92.226])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1300C43D46
	for <net@freebsd.org>; Mon, 18 Apr 2005 13:42:20 +0000 (GMT)
	(envelope-from mv@roq.com)
Received: (qmail 18612 invoked from network); 18 Apr 2005 13:50:12 -0000
Received: from unknown (HELO [10.0.0.55]) ([218.214.143.85])
          (envelope-sender <mv@roq.com>)
          by tibor.swiftdsl.com.au (qmail-ldap-1.03) with SMTP
          for <julian@elischer.org>; 18 Apr 2005 13:50:12 -0000
Message-ID: <4263B938.30009@roq.com>
Date: Mon, 18 Apr 2005 23:42:16 +1000
From: Michael Vince <mv@roq.com>
User-Agent: Mozilla Thunderbird 0.9 (Windows/20041103)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Julian Elischer <julian@elischer.org>
References: <42604BD4.9040906@elischer.org>
In-Reply-To: <42604BD4.9040906@elischer.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
cc: net@freebsd.org
Subject: Re: cisco vpn experience?
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Apr 2005 13:42:21 -0000

Yeah I hooked up 5.3 BSD box with to a big mobile phone companies 
$60,000 Cisco VPN piece of equipment, I got Cisco cert my self but I 
prefer FreeBSD :)
Used Racoon/ipsec tools and FastIPSec compiled into the kernel.

IPs are spoofed ,but just to give you the idea.

Mar 31 16:02:54 mord racoon: INFO: IPsec-SA request for 192.168.64.132 
queued due to no phase1 found.
Mar 31 16:02:54 mord racoon: INFO: initiate new phase 1 negotiation: 
192.168.207.68[500]<=>192.168.64.132[500]
Mar 31 16:02:54 mord racoon: INFO: begin Identity Protection mode.
Mar 31 16:02:54 mord racoon: INFO: received Vendor ID: CISCO-UNITY
Mar 31 16:02:54 mord racoon: INFO: received Vendor ID: DPD
Mar 31 16:02:54 mord racoon: INFO: received Vendor ID: 
draft-ietf-ipsra-isakmp-xauth-06.txt
Mar 31 16:02:54 mord racoon: INFO: ISAKMP-SA established 
192.168.207.68[500]-192.168.64.132[500] 
spi:031111091ac91619:5bf5227037f4fa80
Mar 31 16:02:55 mord racoon: INFO: initiate new phase 2 negotiation: 
192.168.207.68[0]<=>192.168.64.132[0]
Mar 31 16:02:55 mord racoon: INFO: IPsec-SA established: ESP/Tunnel 
192.168.64.132->192.168.207.68 spi=30520619(0x1cb25c2)
Mar 31 16:02:55 mord racoon: INFO: IPsec-SA established: ESP/Tunnel 
192.168.207.68->192.168.64.132 spi=626279197(0x28e7c1b1

Julian Elischer wrote:

> Has anyone connected a FreeBSD machine to a "cisco ipsec VPN" as 
> exported by
> various Cisco routers.
>
> they have special solaris, linux and windows clients..
>
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"