From owner-freebsd-security@FreeBSD.ORG  Tue May  9 07:56:19 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7869E16A41F
	for <freebsd-security@freebsd.org>;
	Tue,  9 May 2006 07:56:19 +0000 (UTC)
	(envelope-from mikhailg@webanoide.org)
Received: from cayster.multisite.site5.com (cayster.multisite.site5.com
	[216.118.97.189])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1DF5643D45
	for <freebsd-security@freebsd.org>;
	Tue,  9 May 2006 07:56:19 +0000 (GMT)
	(envelope-from mikhailg@webanoide.org)
Received: from ppp105-174.lns1.hba1.internode.on.net ([150.101.105.174])
	by cayster.multisite.site5.com with esmtpa (Exim 4.52)
	id 1FdN4q-0002K7-CR; Tue, 09 May 2006 03:56:16 -0400
Message-ID: <44604B1E.2070802@webanoide.org>
Date: Tue, 09 May 2006 17:56:14 +1000
From: Mikhail Goriachev <mikhailg@webanoide.org>
Organization: Webanoide
User-Agent: Thunderbird 1.5.0.2 (Macintosh/20060308)
MIME-Version: 1.0
To: fred bloggs <johnryan_852@hotmail.com>
References: <BAY22-F24A1D0E97146FC60902901A8A90@phx.gbl>
In-Reply-To: <BAY22-F24A1D0E97146FC60902901A8A90@phx.gbl>
X-Enigmail-Version: 0.94.0.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Antivirus-Scanner: This message has been scanned by ClamAV.
X-AntiAbuse: This header was added to track abuse,
	please include it with any abuse report
X-AntiAbuse: Primary Hostname - cayster.multisite.site5.com
X-AntiAbuse: Original Domain - freebsd.org
X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [47 12]
X-AntiAbuse: Sender Address Domain - webanoide.org
X-Source: 
X-Source-Args: 
X-Source-Dir: 
Cc: freebsd-security@freebsd.org
Subject: Re: IPsec with Racoon2
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 May 2006 07:56:20 -0000

fred bloggs wrote:
> Hi,
> 
> I tried posting this to FreeBSD-questions and to freebsd-security (while
> not a member) and haven't had any replies.
> 
> I'm trying to get IPsec running between 2 FreeBSD boxes, using racoon2.
> I was originnaly using vmware systems, but in order to eliminate vmware
> as a cause, I've moved it to a native machine.
> 
> [...]
>
> Anyone got any idea what I'm doing wrong?
> 
> Thanks in advance
> John Ryan
> 


Hi,

You might wanna consider /usr/ports/security/ipsec-tools instead. The
following is an excellent doco on the matter:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html

I got it cranking on production and it works like a charm.

Cheers,
Mikhail.


-- 
Mikhail Goriachev
Webanoide

Telephone: +61 (0)3 62252501
Mobile Phone: +61 (0)4 38255158
E-Mail: mikhailg@webanoide.org
Web: http://www.webanoide.org

PGP Key ID: 0x4E148A3B
PGP Key Fingerprint: D96B 7C14 79A5 8824 B99D 9562 F50E 2F5D 4E14 8A3B