From owner-freebsd-net@FreeBSD.ORG Mon Jul 13 15:29:59 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CBF4F1065670 for ; Mon, 13 Jul 2009 15:29:59 +0000 (UTC) (envelope-from rascal1981@gmail.com) Received: from mail-vw0-f172.google.com (mail-vw0-f172.google.com [209.85.212.172]) by mx1.freebsd.org (Postfix) with ESMTP id 8137D8FC13 for ; Mon, 13 Jul 2009 15:29:59 +0000 (UTC) (envelope-from rascal1981@gmail.com) Received: by vwj2 with SMTP id 2so1935237vwj.3 for ; Mon, 13 Jul 2009 08:29:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type; bh=4UkhU27/CHXuxGssbTL3uRalgp/p91Iu4JwZq7RLYG8=; b=M8JLjqjZjogxdChtj6xH6Z76sVHMdKfzSnYjVsNV683vh1wCX4KZBcZNha8GjePetI QZPp74AXEUEfOhh4ySs15EUXuAqrKmwH099vB9Ci51mPhgcUtf/fKheEqnuB9y1D6+GX W7v3kzT0vg4F0BNpyNNNnXSTXXLOLrEcEj9KU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=lI1qOuLLsw+fQ80KvJqTw39WJgFaa49plNs4TkzhBcZzh9UbbRQkRCBYHgTyPooDnS BgcTOY9HeCY18UCJcsyxR07p0rfIEW7ARFkKpzGq2vYyIKUOIv4nbDPmTk8SssS/hbiK BDF7q/aXdeUZVdvI5akInm1xCnf4Gib7WLRzg= MIME-Version: 1.0 Received: by 10.220.94.69 with SMTP id y5mr7345284vcm.6.1247497752282; Mon, 13 Jul 2009 08:09:12 -0700 (PDT) Date: Mon, 13 Jul 2009 11:09:11 -0400 Message-ID: <3228ef7c0907130809n29566514xb2c1f522e1da8a3f@mail.gmail.com> From: rascal To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: question regarding IPSEC Setup X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Jul 2009 15:30:00 -0000 So I have a couple of questions regarding a scenario that has recently been brought to me. I have two sites, one with a cisco device and one with a server running freebsd 7.2. The client wants to connect the two sites using these devices and I am told that the best way would be to establish an IPSEC tunnel between the cisco device and the freebsd server. The cisco is a concentrator 3000 and the server is just a dell poweredge 860 with 4 nics in the back running 7.2 freebsd. I guess my two questions are: 1. Has anyone done this before and what are their results? 2. Is setting up an IPSEC tunnel the best route for this or is there something else I should be looking at? 3. Any tips/tricks/good sites to check on for setting up IPSEC on freebsd (I am currently reading http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html which is pretty darn good)? Thanks in advance for any help!! --- Matthew