Date: Mon, 17 Sep 2001 10:45:02 +0100 From: "Terry" <terry432@hotmail.com> To: <freebsd-security@FreeBSD.ORG> Subject: RE: isakmpd for freebsd howto Message-ID: <MPENKFCCIIDAJKJJOLBHGEBPCAAA.terry432@hotmail.com> In-Reply-To: <Pine.BSF.4.21.0109141253250.8385-100000@athena.za.net>
next in thread | previous in thread | raw e-mail | index | archive | help
after some investigation it turns out that dynamic ip end-points are not
compatible with racoon at all.
so i'm going to try isakpmd (ported package isakmpd-20010403.tgz for freebsd
4.2-rel)
the binaries seem to work ok, conf files read in ok... but then nothing
(!)...
anyone know of any how-tos? seeting up gif tunnels required?
ideas / comments welcome.
t
---------------------------------------
On Fri, 14 Sep 2001, Terry wrote:
>
> I can get a FreeBSD IPSEC VPN (tunnel mode) going ... (setting up
> gif0, routing etc etc)...
>
> and I can JUST ABOUT do a FreeBSD<->win2k ipsec transport mode
> going...
>
> i want to be able to have mobile win2k laptops join the static ipsec
> vpn... i guess they use transport mode?
>
> anyway, documentation is scarce (ipve spent a week reading stuff from
> the bsd, ipsec sites, mailing and news archives... no luck)... the
> scope IS THERE ... the racoon config file format does allow connection
> specific SA's to be genereated:
>
> remote anonymous {...} (anyone)
> sainfo anonymous {...} (again, anyone)
>
> remote address 1.2.3.4 (extra ones?)
> sainfo address 1.2.3.4 (extra ones?)
>
> has anyone done this?
> i'm using freebsd 4.3-release, will use 4.4-release when its out...
>
> any help/ideas welcome
>
>
> --
> Information in this electronic mail message is confidential
> and may be legally privileged. It is intended solely for
> the addressee. Access to this message by anyone else is
> unauthorised. If you are not the intended recipient any
> use, disclosure, copying or distribution of this message is
> prohibited and may be unlawful. When addressed to our
> customers, any information contained in this message is
> subject to Intelligent Network Technology Ltd Terms & Conditions.
> --
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
This email has been virus scanned using Sophos Anti-Virus by intY
(www.inty.net)
--
Information in this electronic mail message is confidential
and may be legally privileged. It is intended solely for
the addressee. Access to this message by anyone else is
unauthorised. If you are not the intended recipient any
use, disclosure, copying or distribution of this message is
prohibited and may be unlawful. When addressed to our
customers, any information contained in this message is
subject to Intelligent Network Technology Ltd Terms & Conditions.
--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MPENKFCCIIDAJKJJOLBHGEBPCAAA.terry432>