From owner-freebsd-questions@FreeBSD.ORG  Thu Jul  8 13:22:24 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 346E61065673
	for <freebsd-questions@freebsd.org>;
	Thu,  8 Jul 2010 13:22:24 +0000 (UTC)
	(envelope-from steve@ipv6canada.com)
Received: from smtp.ibctech.ca (v6.ibctech.ca [IPv6:2607:f118::b6])
	by mx1.freebsd.org (Postfix) with SMTP id A6FB18FC24
	for <freebsd-questions@freebsd.org>;
	Thu,  8 Jul 2010 13:22:23 +0000 (UTC)
Received: (qmail 28716 invoked by uid 89); 8 Jul 2010 13:24:06 -0000
Received: from unknown (HELO ?IPv6:2607:f118::5?)
	(steve@ibctech.ca@2607:f118::5)
	by 2607:f118::b6 with ESMTPA; 8 Jul 2010 13:24:06 -0000
Message-ID: <4C35D11D.4000304@ipv6canada.com>
Date: Thu, 08 Jul 2010 09:22:37 -0400
From: Steve Bertrand <steve@ipv6canada.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.9.1.7) Gecko/20100111 Lightning/1.0b1 Thunderbird/3.0.1
MIME-Version: 1.0
To: =?ISO-8859-1?Q?Matheus_Weber_da_Concei=E7=E3o?=
 <matheuswcon@gmail.com>
References: <AANLkTikffXjLu2QTENeRiQ7PhFLrC3Viiar_1BZOQAeP@mail.gmail.com>
In-Reply-To: <AANLkTikffXjLu2QTENeRiQ7PhFLrC3Viiar_1BZOQAeP@mail.gmail.com>
X-Enigmail-Version: 1.0.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Cc: freebsd-questions@freebsd.org
Subject: Re: VPN IPsec Help
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Jul 2010 13:22:24 -0000

On 2010.07.07 18:28, Matheus Weber da Conceição wrote:
> Hello guys;
> 
> I'm using a FreeBSD 7.0 in my firewall/gateway, and I have to connect
> via VPN to a Cisco box.
> 
> The scene here is:
> 
> * Peer A (Cisco): 200.xxx.xxx.xxx
>    IPs that Peer B need to access:
>       - 192.168.10.24
>       - 192.168.201.196
>       - 10.115.90.236
> 
> * Peer B (FreeBSD 7.0): 187.yyy.yyy.yyy (me)
> 
> 
> How can I configure this scene without using gif0 interface?

It has been a long time since I've done IPSec on FBSD, but I'm willing
to bet that this has to do with routing, possibly amongst other things.
On peer 'B' (FBSD box), what internal IP range are you trying to access
the A network from...the same ones (ie. are you trying to bridge the
networks)?

Do you have access to the Cisco gear?

If so, on FreeBSD, post the output of:

% netstat -rn

...and the output to the following on the Cisco:

% sh ip route stat

Steve