From owner-freebsd-stable  Mon Mar 10  5:11:45 2003
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 734B737B401
	for <freebsd-stable@FreeBSD.ORG>; Mon, 10 Mar 2003 05:11:44 -0800 (PST)
Received: from gidgate.gid.co.uk (gid.co.uk [194.32.164.225])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 066D143F85
	for <freebsd-stable@FreeBSD.ORG>; Mon, 10 Mar 2003 05:11:43 -0800 (PST)
	(envelope-from rb@gid.co.uk)
Received: (from rb@localhost)
	by gidgate.gid.co.uk (8.11.6/8.11.6) id h2ADBdf17319;
	Mon, 10 Mar 2003 13:11:39 GMT
	(envelope-from rb)
Message-Id: <4.3.2.7.2.20030310130809.029283a8@gid.co.uk>
X-Sender: rbmail@gid.co.uk
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
Date: Mon, 10 Mar 2003 13:11:37 +0000
To: <jamie@tridentmicrosystems.co.uk>
From: Bob Bishop <rb@gid.co.uk>
Subject: Re: Cisco PIX 501 (3DES) to FreeBSD VPN Gateway
Cc: <freebsd-stable@FreeBSD.ORG>
In-Reply-To: <014601c2e6fa$50eff1f0$4a64a8c0@jamieheckford>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

Hi,

At 11:43 10/3/03, Jamie Heckford wrote:
>Hi All,
>
>I am wondering if it is possible to setup a Cisco PIX 501 (3DES) to talk
>to a FreeBSD VPN Gateway.
>
>The VPN gateway currently runs MPD-Netgraph and Poptop to provide access
>to all Win XX series clients.
>
>What I am wondering is it possible to setup IPSec / racoon combo on the
>FreeBSD system so the PIX 501 can connect to it ok. [etc]

Yes, it can be done. See
http://www.freebsd.org/cgi/getmsg.cgi?fetch=354208+358968+/usr/local/www/db/text/2003/freebsd-current/20030119.freebsd-current

for a sample setup at the PIX end (The rest of the discussion isn't awfully 
relevant, if you see the symptoms I was complaining about it means the 
source/destination addresses are the wrong way round at the PIX end; the 
Cisco documentation is a bit opaque.)

--
Bob Bishop		    +44 (0)118 977 4017
rb@gid.co.uk		fax +44 (0)118 989 4254


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message