From owner-freebsd-questions@FreeBSD.ORG  Mon May 16 11:52:52 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CABAE16A4CE
	for <freebsd-questions@freebsd.org>;
	Mon, 16 May 2005 11:52:52 +0000 (GMT)
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CA1E443DAD
	for <freebsd-questions@freebsd.org>;
	Mon, 16 May 2005 11:52:51 +0000 (GMT)
	(envelope-from freebsd-questions@m.gmane.org)
Received: from list by ciao.gmane.org with local (Exim 4.43)
	id 1DXe8Q-0001bu-0h
	for freebsd-questions@freebsd.org; Mon, 16 May 2005 13:51:46 +0200
Received: from dsl-62-3-100-125.zen.co.uk ([62.3.100.125])
        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <freebsd-questions@freebsd.org>; Mon, 16 May 2005 13:51:46 +0200
Received: from darenr by dsl-62-3-100-125.zen.co.uk with local (Gmexim 0.1
	(Debian))        id 1AlnuQ-0007hv-00
	for <freebsd-questions@freebsd.org>; Mon, 16 May 2005 13:51:46 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-questions@freebsd.org
From: Daren Russell <darenr@end-design.co.uk>
Date: Mon, 16 May 2005 12:51:50 +0100
Lines: 24
Message-ID: <d6a1fg$pf1$1@sea.gmane.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@sea.gmane.org
X-Gmane-NNTP-Posting-Host: dsl-62-3-100-125.zen.co.uk
User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050404)
X-Accept-Language: en-us, en
Sender: news <news@sea.gmane.org>
Subject: IPSec and Racoon between 5.4 and 4.11
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 16 May 2005 11:52:52 -0000

Hi,

We have a VPN between two FBSD machines using IPSEC and Racoon.  I
managed to put this together a couple of years back with (getting) old
hardware, although I am certainly no expert.  One of the machines is
about to be replaced as it is occasionally conking out, and I though I
would try the 5.4 release on the new hardware (both existing machines
are running 4.9)

I have setup internally the layout and effectively replicated the
configs of both machines (except for the one being 5.4, and a second
running 4.11 instead of 4.9), but I cannot get them talking.  The
configs for Racoon/IPSec/psk have been transferred over with zero
changes.  The 5.4 machine is using standard IPSEC (not FAST_IPSEC), and
a standard tunnel works fine.  It's as soon as IPSec/Racoon is brought
in that it falls over.

Has anybody got 5.4 <-> 4.11 talking in this config, or does anybody
know of any pitfalls because of kernel changes?

The only other thing is the 5.4 machine is running amd64.

Thanks for any help / pointers.
Daren