Date: Mon, 13 Jan 2020 23:26:48 +0700 From: Victor Sudakov <vas@sibptus.ru> To: freebsd-net@freebsd.org Subject: Re: replacement of security/ipsec-tools Message-ID: <20200113162648.GA10976@admin.sibptus.ru> In-Reply-To: <b7b56621-6632-b811-4bf1-479e43e25678@denninger.net> References: <50378AC0-0A0A-4E33-961F-3D180987A8C1@ellael.org> <20200110035009.GB67842@admin.sibptus.ru> <20200110065131.GA79879@admin.sibptus.ru> <20200111112307.GA62210@admin.sibptus.ru> <b7b56621-6632-b811-4bf1-479e43e25678@denninger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--sm4nu43k4a2Rpi4c Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Karl Denninger wrote: [dd] >=20 > Strongswan works fine with Win10 HOWEVER note that Windows 10 until > somewhat recently (last summer, I believe) and ALL PREVIOUS VERSIONS > (e.g. Win7, 8, etc.) had a SEVERE problem with IkeV2 connections, which Karl, Thanks a lot for the detailed info. I may need it one day. For the present, however, I'm interested not in an IPSec VPN (in Windows terminology) but in a simple transport mode IPSec between a FreeBSD and a Windows host.=20 My only option for that is IKEv1 because IKEv2 is configured on Windows 10 and Windows 2016 from PowerShell only, and I need to configure a secure connection via Group Policy editor (mmc). I'm still too weak of heart to use PowerShell for IPSec setup. I have this working successfully with racoon (on pre-shared keys) and am investigating the possibility to replace racoon with strongswan. --=20 Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/ --sm4nu43k4a2Rpi4c Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJeHJpIAAoJEA2k8lmbXsY0eAEH/A8U3IWGAuL4iw182HZ3/dTA xO/umK9QPWH+tv+1dwiOEsiRSRz5PMMOjCATQTtq5LAMxMGtoRO9J6MSlNuo/dfj usmfGG26zyKIzVZToURIGvUN4bZpROs2ZoTBLj3g6zdp3QDB0Pq346617/m3LPbj S7DGex3HJavanCZAfz/sudZ3XJrlawRD3bHDgKww58j1yoCjLizQXg49F+3LIkQO EXMkz9RLLA6FmoRTpulo7vG04W0S5Vs6j5RWCJ5IXUJuOa33COX7ZwPqdPmQwyXP Suktxq7EMKYw475rxPf3Zh0rDtmZIuFQyHDTHA+ajvdPuQAuXUByfcM+4dyBC+I= =GhCL -----END PGP SIGNATURE----- --sm4nu43k4a2Rpi4c--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200113162648.GA10976>