From owner-freebsd-net  Sat Jul 13  7:34:33 2002
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4B4E737B400
	for <freebsd-net@freebsd.org>; Sat, 13 Jul 2002 07:34:32 -0700 (PDT)
Received: from mail.speakeasy.net (mail17.speakeasy.net [216.254.0.217])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E23D643E3B
	for <freebsd-net@freebsd.org>; Sat, 13 Jul 2002 07:34:31 -0700 (PDT)
	(envelope-from jerkart@speakeasy.net)
Received: (qmail 14301 invoked from network); 13 Jul 2002 14:34:31 -0000
Received: from unknown (HELO jose.jerkart.net) ([216.254.115.11]) (envelope-sender <jerkart@speakeasy.net>)
          by mail17.speakeasy.net (qmail-ldap-1.03) with DES-CBC3-SHA encrypted SMTP
          for <freebsd-net@freebsd.org>; 13 Jul 2002 14:34:31 -0000
Date: Sat, 13 Jul 2002 10:34:30 -0400
Subject: Re: ipsec + racoon + WatchGuard Firebox?
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v482)
Cc: freebsd-net@freebsd.org
To: "James Satterfield" <james@floondoon.com>
From: Jeremy Karteczka <jerkart@speakeasy.net>
In-Reply-To: <002901c2296f$d98f6fc0$0feba8c0@sphynx>
Message-Id: <A40A341E-966D-11D6-8F63-000393003748@speakeasy.net>
Content-Transfer-Encoding: 7bit
X-Mailer: Apple Mail (2.482)
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

James,
If I recall correctly WatchGuard boxes are weird in the fact that they 
must exchange keys in DES, then they can go up to 3DES.  I don't have my 
documentation at home, but I was able to find this link to an example 
for OpenBSD.  With a little manipulation you should be able to get going 
from this.

http://www.rootprompt.net/openbsd_vpn.html

Best regards,
Jeremy Karteczka

On Friday, July 12, 2002, at 02:46 AM, James Satterfield wrote:

> Anyone have any success with creating a ipsec tunnel between a freebsd
> gateway and a WatchGuard Firebox? It looks like I'm getting past
> authentication. I can't tell if the tunnel is actually getting created, 
> but
> I certainly cannot move traffic through it.
>
> James.
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message