Date: Tue, 24 Dec 2002 00:43:15 -0800 (PST)
From: "Jon O." <jono@securityreports.com>
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: docs/46511: Small fixes for VPN article
Message-ID: <200212240843.gBO8hFE82190@biggins.securityreports.com>
>Number: 46511 >Category: docs >Synopsis: Small fixes for VPN article >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Tue Dec 24 00:50:06 PST 2002 >Closed-Date: >Last-Modified: >Originator: Jon O. >Release: FreeBSD 4.5-RC i386 >Organization: >Environment: System: FreeBSD biggins.securityreports.com 4.5-RC FreeBSD 4.5-RC #0: Tue Jan 22 23:14:29 PST 2002 root@biggins.securityreports.com:/usr/obj/usr/src/sys/BIGGINS i386 >Description: Just some small fixes to some links, etc. in the VPN doc >How-To-Repeat: >Fix: --- article.sgml Mon Dec 23 14:38:17 2002 +++ article.jono.sgml Tue Dec 24 00:31:17 2002 @@ -93,7 +93,7 @@ FW-1 Protected Nets Internal Nets 199.208.192.0/24 192.168.10.0/24</programlisting> - <para>The FreeBSD gateway (<acronym>GW</acronym> serves as a firewall and + <para>The FreeBSD gateway <acronym>GW</acronym> serves as a firewall and <acronym>NAT</acronym> device for <quote>internal nets.</quote></para> <para>The FreeBSD kernel must be compiled to support IPSec. @@ -104,7 +104,7 @@ options IPSEC_DEBUG</programlisting> <para>For instructions on building a custom kernel, refer to the - <ulink url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/x3663.html"> + <ulink url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html"> FreeBSD handbook</ulink>. Please note that <acronym>IP</acronym> protocol 50 (<acronym>ESP</acronym>) and <acronym>UDP</acronym> port <literal>500</literal> must be open between the Firewall-1 @@ -142,7 +142,7 @@ (Do not use our example.)</para> <programlisting>Support Aggressive Mode: Checked -Supports Subnets: Checked</programlisting> +Supports Subnets: Checked</programlisting> <para>After setting the pre-shared secret in the Firewall-1 Network Object definition, place this secret in 
@@ -213,8 +213,8 @@ # IP addresses # # External Interface External Interface -# 208.229.100.6 216.218.197.2 -# | | +# 208.229.100.6 216.218.197.2 +# | | # +--> Firewall-1 <--> Internet <--> FreeBSD GW <--+ # | | # FW-1 Protected Nets Internal Nets @@ -304,7 +304,7 @@ #certificate_type x509 "" ""; nonce_size 16; - lifetime time 10 min; # sec,min,hour + lifetime time 10 min; # sec,min,hour lifetime byte 5 MB; # B,KB,GB initial_contact on; support_mip6 on; @@ -329,7 +329,7 @@ }</programlisting> <para>Ensure that <filename>/usr/local/etc/racoon/psk.txt</filename> - contains the shared secret configured in the "Firewall-1 Network Object + contains the pre-shared secret configured in the "Firewall-1 Network Object Configuration" section of this document and has mode <literal>600</literal> permissions.</para> >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message
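Review bot: In the @@ -93,7 hunk, consider closing the parenthesis instead of deleting it. The added line now reads "The FreeBSD gateway <acronym>GW</acronym> serves as a firewall", which no longer introduces GW as the abbreviation the diagram uses ("FreeBSD GW"). Writing (<acronym>GW</acronym>) fixes the unbalanced markup and keeps the abbreviation defined at first use.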
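Review bot: In the @@ -104,7 hunk, the link text on the context line after the changed <ulink> still reads "FreeBSD handbook" in lower case. Since the link is being touched anyway, capitalise it as "FreeBSD Handbook" so the title matches the document it points to.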
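Review bot: In the @@ -142,7 hunk, the listing keeps "Support Aggressive Mode: Checked" directly above the paragraph on setting the pre-shared secret, and the article carries no caution about that combination. IKE aggressive mode with a pre-shared key exchanges the authentication hash without encryption, so the tunnel's authentication rests on the secret being long and random; one sentence saying so next to "(Do not use our example.)" would close the gap. The -/+ pair on "Supports Subnets: Checked" differs only in whitespace, which is worth stating in the PR description so a committer does not look for a wording change.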
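Review bot: In the @@ -304,7 hunk, the context line "lifetime byte 5 MB; # B,KB,GB" uses a unit (MB) that its own comment does not list. While realigning the comment on the "lifetime time 10 min;" line above it, extend the byte-unit comment to include MB so the listing is self-consistent.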
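Review bot: In the @@ -329,7 hunk, the changed line still wraps the section title in literal double quotes ("Firewall-1 Network Object Configuration"), while the @@ -93,7 hunk shows the article using <quote> for quoted text; switch to <quote> here for consistency. The sentence also gives only the mode (600) for /usr/local/etc/racoon/psk.txt; since this file holds the pre-shared secret, consider stating the expected owner alongside the mode.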