From owner-freebsd-security Sat Mar 24 13:40:15 2001 Delivered-To: freebsd-security@freebsd.org Received: from mls.gtonet.net (mls.gtonet.net [216.112.90.195]) by hub.freebsd.org (Postfix) with ESMTP id 334A037B719 for ; Sat, 24 Mar 2001 13:40:11 -0800 (PST) (envelope-from oldfart@gtonet.net) Received: from pld (pld.gtonet.net [216.112.90.200]) by mls.gtonet.net (8.11.3/8.11.3) with SMTP id f2OLdHR20434; Sat, 24 Mar 2001 13:39:18 -0800 (PST) (envelope-from oldfart@gtonet.net) Reply-To: From: "oldfart@gtonet" To: "Jorge Peixoto Vasquez" , Subject: RE: IPSEC: racoon and Win2K Date: Sat, 24 Mar 2001 13:39:12 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <39F078A4FCEC5D408C23FC3D92DEE40201628F@tyr.kinsman.lan> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org You've posted the same message 9 times, please stop. Somebody will help IF/when they can. OF > -----Original Message----- > From: owner-freebsd-security@FreeBSD.ORG > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Jorge Peixoto > Vasquez > Sent: Saturday, March 24, 2001 1:33 PM > To: freebsd-security@FreeBSD.ORG > Subject: IPSEC: racoon and Win2K > > > I've read the mini-howto on how to setup IPSEC on the FreeBSD > (http://asherah.dyndns.org/~josh/ipsec-howto.txt) and have been most > succesful so far. > > I would be very glad if anyone could help me on the following matter: > > The only problem I've encountered is that, when making Win2K and FreeBSD > interoperate, the IKE's phase 2 only suceeds if > Win2K initiates the process. If racoon is to start it, Win2k will not > accept any proposal for phase 2, complaining that the dh group number > (which should correctly be either 1 or 2) received is 1 or 2 (depending > on the pfs_group setting in racoon.conf) and not null(0). If I try > setting pfs_group to null, I get a parse error. > > All the docs I found in the kame site (www.kame.net), the handbook, and > the man pages haven't been of any help too. > > Thank you very much for your attention, > > Sincerely, > > jOrge > > p.s. I am using FreeBSD 4.2-Stable, racoon 20001111a and (YES) I got the > high-encryption pack and SP1 installed on the Win2K box. > -- > Jorge Peixoto Vasquez, Elet. Eng. > Aker Security Solutions > tel. +55 - 61 - 340 9083 > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message