Date: Wed, 20 Feb 2002 11:04:41 +0200 From: Barry Irwin <bvi@itouchlabs.com> To: tang hongbin <hongbintang@yahoo.com> Cc: freebsd-net@freebsd.org Subject: Re: connection win2000 to racoon on freebsd4.3 Message-ID: <20020220110441.F25707@itouchlabs.com> In-Reply-To: <20020220085354.5237.qmail@web11606.mail.yahoo.com>; from hongbintang@yahoo.com on Wed, Feb 20, 2002 at 12:53:54AM -0800 References: <20020220085354.5237.qmail@web11606.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I have had win2k working fine. The trick is you need to use MMC and the ipsec snapin to map your own IPsec policies, specifically remove the standard Kerberos authentication and either use shared passwords, or certificates, both of which work with Racoon. The phase 2 failure is indicitive that either your shared secrets do not match ( have you checked the psk.txt file for racoon - modes are especially NB in this mode - but also that you have the right secret for the IP address) Barry -- Barry Irwin bvi@itouchlabs.com +27214875150 Systems Administrator: Networks And Security Itouch Labs http://www.itouchlabs.com South Africa On Wed 2002-02-20 (00:53), tang hongbin wrote: > Dear all; > > I tried to build VPN tunnels between win2000 > professional and FreeBSD4.2 with RACOON as IKE > negotiator. The procedures were described as > following: > > 1: I set up local policies on win2000. > 2: I added rules into racoon.conf and/or psk.txt. > > when I sended messages from win2000 to BSD VPN server, > RACOON met problems at phase 2 and printed the > following infomation: > .... > isakmp-info_recv_n():776 unknown notify message.... > .. > > If you has succeeded in connecting win2000 and RACOON > on FressBSD, please give your setup procedure in > detail. > > Thank you > > bill.tang > hongbintang@yahoo.com > > > __________________________________________________ > Do You Yahoo!? > Yahoo! Sports - Coverage of the 2002 Olympic Games > http://sports.yahoo.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > > -- Barry Irwin bvi@itouchlabs.com +27214875150 Systems Administrator: Networks And Security Itouch Labs http://www.itouchlabs.com South Africa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020220110441.F25707>