Date: Fri, 27 Aug 2004 18:19:49 -0600 From: Aaron Siegel <aj@siegel-tech.net> To: freebsd-questions@freebsd.org Subject: IPSEC Problems Message-ID: <200408271819.49729.aj@siegel-tech.net>
next in thread | raw e-mail | index | archive | help
Hello I am stumped I am try to get a very simple IPSEC tunnel between my laptops and gateway. I can not seem to get the IKE to authenticate. I have had this working in with my other server which has been moved to a new location. I have a FreeBSD 4.10 Stable server and an 5.2.1 Release. I am aware of the problems with 5.2.1. I am not sure what I am missing. Is there a problem with 4.10 Stable? Both, my Window XP machine and FreeBSD 5.2.1 are able to create a link with my new server, both of these computers were working with my old server. I have been able to setup a link between this computer and with my other server. I have listed my configuration bellow Thank you, Aaron Laptop config /etc/ipsec.conf spdadd 192.168.245.12/32 0.0.0.0/0 tcp -P out ipsec esp/tunnel/192.168.245.12-192.168.245.1/require; spdadd 0.0.0.0/0 192.168.245.12/32 tcp -P in ipsec esp/tunnel/192.168.245.1-192.168.245.12/require; I have copied the racoon.conf.dist file to /usr/local/etc/racoon/racoon.conf I have change the "life time" parameter to "1 hour" /usr/local/etc/racoon/psk.txt 192.168.245.1 Secret Key Kernel options IPSEC options IPSEC_ESP options IPSEC_DEBUG Server /etc/ipsec.conf spdadd 192.168.245.12/32 0.0.0.0/0 tcp -P in ipsec esp/tunnel/192.168.245.12-192.168.245.1/require; spdadd 0.0.0.0/0 192.168.245.12/32 tcp -P out ipsec esp/tunnel/192.168.245.1-192.168.245.12/require; spdadd 192.168.245.15/32 0.0.0.0/0 any -P in ipsec esp/tunnel/192.168.245.15-192.168.245.1/require; spdadd 0.0.0.0/0 192.168.245.15/32 any -P in ipsec esp/tunnel/192.168.245.1-192.168.245.15/require; I have copied the racoon.conf.dist file to /usr/local/etc/racoon/racoon.conf I have change the "life time" parameter to "1 hour" /usr/local/etc/racoon/psk.txt 192.168.245.12 Secret Key 192.168.245.15 Secret Key Kernel options FAST_IPSEC
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200408271819.49729.aj>