From owner-freebsd-net Sun Jan 27 1:31:23 2002 Delivered-To: freebsd-net@freebsd.org Received: from sauber.net (adsl-66-120-9-102.dsl.sntc01.pacbell.net [66.120.9.102]) by hub.freebsd.org (Postfix) with ESMTP id CF00137B417 for ; Sun, 27 Jan 2002 01:31:21 -0800 (PST) Received: from ctj-139.1.1.10.in-addr.arpa (blue-edge125 [210.81.148.125]) by sauber.net (8.11.3/8.11.3) with ESMTP id g0R9VKO35981 for ; Sun, 27 Jan 2002 01:31:20 -0800 (PST) (envelope-from sauber@netcom.com) Date: Sun, 27 Jan 2002 18:31:05 +0900 (JST) From: Soren Dossing X-X-Sender: To: Subject: ipsec, racoon, win2000, certifications, how-to? Message-ID: <20020127182146.M18351-100000@localhost> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have posted a similar question a few days ago on freebsd-questions already but with no luck. I'm attempting to configure road-warrior win2000 laptops to access a ipsec server at the office. Since these win2000 laptops are dynamically assigned ip addresses, sometimes even behind nat, it seems like using certifications is the only possible option. But I can find very little documentation of how to do it. Does any of you know where to find documentation for how to create certifications, where to place them, how to use them, and how to configure ipsec, racoon and win2000 computers? I have attempted to use pre_shared keys, but it appear like they can only be used with fixed IP addresses in the psk.txt file. Or am I wrong? Soren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message