From owner-freebsd-stable@FreeBSD.ORG  Fri Feb 22 20:21:56 2013
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id BFC2BDEA
 for <freebsd-stable@freebsd.org>; Fri, 22 Feb 2013 20:21:56 +0000 (UTC)
 (envelope-from lists@pingle.org)
Received: from chloe.pingle.org (unknown [IPv6:2605:8000:d:1:40::1])
 by mx1.freebsd.org (Postfix) with ESMTP id 90FDA971
 for <freebsd-stable@freebsd.org>; Fri, 22 Feb 2013 20:21:56 +0000 (UTC)
Received: from chloe.pingle.org (unknown [127.0.0.1])
 by chloe.pingle.org (Postfix) with ESMTP id 0172F45017
 for <freebsd-stable@freebsd.org>; Fri, 22 Feb 2013 15:21:49 -0500 (EST)
X-Virus-Scanned: amavisd-new at pingle.org
Received: from chloe.pingle.org ([127.0.0.1])
 by chloe.pingle.org (chloe.pingle.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 1tUkHQGGjwI0 for <freebsd-stable@freebsd.org>;
 Fri, 22 Feb 2013 15:21:48 -0500 (EST)
Received: from [IPv6:2001:470:1f11:e1c:dead:beef:c0de:cafe] (unknown
 [IPv6:2001:470:1f11:e1c:dead:beef:c0de:cafe])
 (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested) (Authenticated sender: jim)
 by chloe.pingle.org (Postfix) with ESMTPSA id 67FD745009
 for <freebsd-stable@freebsd.org>; Fri, 22 Feb 2013 15:21:48 -0500 (EST)
Message-ID: <5127D353.2070601@pingle.org>
Date: Fri, 22 Feb 2013 15:21:39 -0500
From: Jim Pingle <lists@pingle.org>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:17.0) Gecko/20130215 Thunderbird/17.0.3
MIME-Version: 1.0
To: freebsd-stable@freebsd.org
Subject: Re: Ipsec VPN tunnel from a Win/7 box?
References: <511D3E56.9060103@denninger.net> <511E5622.3050905@cello.com>
 <511E582E.4030408@denninger.net>
In-Reply-To: <511E582E.4030408@denninger.net>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Feb 2013 20:21:56 -0000

On 2/15/2013 10:45 AM, Karl Denninger wrote:
> On 2/15/2013 9:37 AM, Kurt Lidl wrote:
>>
>> Hmm.
>>
>> I've got IPSEC tunnels from Windows XP and Windows 7 working
>> to a FreeBSD 8.3 host, using NAT/T.
>>
>> I'm using the Shrewsoft client: http://www.shrew.net/software
>>
>> -Kurt
>> _________________
> 
> The goal is to do it using only the native Win/7 VPN support.
> 
> So far I've failed for IPSEC :-)
> 

A little late, but you might find this helpful/interesting:

http://forum.pfsense.org/index.php?topic=55754.0

Seems to take a little work on the Windows side, but pfSense uses racoon
(ipsec-tools) on FreeBSD so it should be possible to replicate on a
plain FreeBSD install, the poster even gives the racoon.conf and spd
entries.

Jim