From: "Terry"
Subject: adding a win2k client to a bsd ipsec net - 2modes at once?
Date: Fri, 14 Sep 2001 11:51:40 +0100
In-Reply-To: <48600.1000464207@axl.seasidesoftware.co.za>
Sender: owner-freebsd-security@FreeBSD.ORG

I can get a FreeBSD IPSEC VPN (tunnel mode) going ... (setting up gif0, routing etc etc)... and I can JUST ABOUT get a FreeBSD<->win2k ipsec transport mode going...

I want to be able to have mobile win2k laptops join the static ipsec vpn... I guess they use transport mode?

anyway, documentation is scarce (I've spent a week reading stuff from the bsd, ipsec sites, mailing and news archives... no luck)...

the scope IS THERE ... the racoon config file format does allow connection specific SA's to be generated:

    remote anonymous {...}     (anyone)
    sainfo anonymous {...}     (again, anyone)
    remote address 1.2.3.4     (extra ones?)
    sainfo address 1.2.3.4     (extra ones?)

has anyone done this?

I'm using freebsd 4.3-release, will use 4.4-release when it's out...
any help/ideas welcome