From: Maikel Verheijen
To: "'stable@freebsd.org'"
Subject: Racoon ipsec to multiple VLAN's behind a cisco PIX question
Date: Thu, 22 Aug 2002 13:52:38 +0200

Hi list!

I have a VPN connection running from my (home) FreeBSD gateway to our company Cisco PIX firewall. My network setup is as follows:

10.0.0.x/24 - [Freebsd] -- { inet cloud } -- [Pix] - 10.31.0.0 / 16 - [router] - 172.31.0.0 /16

I can make a VPN connection from my FreeBSD box to the PIX, but I can ONLY connect to 1 of the 2 subnets. If my connection to the 172.31.0.0/16 network is set up (using a policy), I cannot connect to the 10.31.0.0/16 network, and vice versa. If I put in a policy for BOTH subnets, only one will become active, and I cannot connect to the other subnet.

We tried using "multiple" tunnels (on both the PIX and the FreeBSD box), and using a route for the 172.31.0.0/16 range over the 10.31.0.0/16 VLAN. Both did NOT work.

Did anyone come across the same problem? I am using FreeBSD 4.6-STABLE (Fri Aug 9) and Racoon (racoon-20020507a). The PIX is running software 6.1(1).

Kind regards,

Maikel Verheijen

It is a book about a Spanish guy called Manual. You should read it.
-- Dilbert