From owner-freebsd-security@FreeBSD.ORG  Tue May 24 07:39:19 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EB5CF16A41C
	for <freebsd-security@freebsd.org>;
	Tue, 24 May 2005 07:39:19 +0000 (GMT)
	(envelope-from tataz@tataz.chchile.org)
Received: from postfix3-2.free.fr (postfix3-2.free.fr [213.228.0.169])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 951BF43D1D
	for <freebsd-security@freebsd.org>;
	Tue, 24 May 2005 07:39:19 +0000 (GMT)
	(envelope-from tataz@tataz.chchile.org)
Received: from tatooine.tataz.chchile.org
	(vol75-8-82-233-239-98.fbx.proxad.net [82.233.239.98])
	by postfix3-2.free.fr (Postfix) with ESMTP id B6257C0D0;
	Tue, 24 May 2005 09:39:17 +0200 (CEST)
Received: by tatooine.tataz.chchile.org (Postfix, from userid 1000)
	id 00B5D407E; Tue, 24 May 2005 09:39:18 +0200 (CEST)
Date: Tue, 24 May 2005 09:39:18 +0200
From: Jeremie Le Hen <jeremie@le-hen.org>
To: Eric Masson <e-masson@kisoft-services.com>
Message-ID: <20050524073918.GO850@obiwan.tataz.chchile.org>
References: <20050523122742.49622.qmail@web8508.mail.in.yahoo.com>
	<20050523214636.GG850@obiwan.tataz.chchile.org>
	<86oeb13x38.fsf@srvbsdnanssv.interne.kisoft-services.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <86oeb13x38.fsf@srvbsdnanssv.interne.kisoft-services.com>
User-Agent: Mutt/1.5.9i
Cc: freebsd-security@freebsd.org, mohan chandra <mohanchandra_01@yahoo.co.in>,
	Jeremie Le Hen <jeremie@le-hen.org>
Subject: Re: How to setup IPSec tunnel between FreeBSD and Linux systems...?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 24 May 2005 07:39:20 -0000

Hi Eric,

> > FreeBSD uses either KAME IPSec or OpenBSD IPSec (known as Fast-IPSec).
> > As far as I can tell, they are mostly compatible.
> 
> No interop problem known here with pre shared keys.
> 
> > Since the daemons and configuration tools are the same now in BSD and
> > Linux, I think this should not bring to much pain to you to make them
> > work together.
> 
> >From what i've read, Kame racoon seems to be deprecated in favor of
> ipsec-tools racoon, Larry Baird & Yvan Vanhullebus are working on NAT-T
> support on FreeBSD (patches available on ipsec-tools website) and merge
> into H

Thank you for these precisions.  I checked ipsec-tools website and I
can't find the NAT-T patch.  Would you point me out where it is please ?

Cheers,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >