From owner-freebsd-net  Tue Nov 14 11: 1:36 2000
Delivered-To: freebsd-net@freebsd.org
Received: from greencreek.kappaisle.com (24.65.73.235.on.wave.home.com [24.65.73.235])
	by hub.freebsd.org (Postfix) with ESMTP id D922937B4C5
	for <freebsd-net@freebsd.org>; Tue, 14 Nov 2000 11:01:31 -0800 (PST)
Received: from localhost (mikey@localhost)
	by greencreek.kappaisle.com (8.9.3/8.9.3) with ESMTP id OAA92075;
	Tue, 14 Nov 2000 14:18:30 -0500 (EST)
	(envelope-from mikey@kappaisle.com)
Date: Tue, 14 Nov 2000 14:18:30 -0500 (EST)
From: Mike <mikey@kappaisle.com>
To: Mike Tancsa <mike@sentex.net>
Cc: freebsd-net@freebsd.org
Subject: Re: VPN over PPPoE (racoon at fault?)
In-Reply-To: <mcg11tscg1muv0kl3n46ojldqbjid4ruql@4ax.com>
Message-ID: <Pine.BSF.4.21.0011141404280.92064-100000@greencreek.kappaisle.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Mike,

I had the same experience here as well.  Racoon doesn't seem to like PPPoE
for some reason...

Mike

On Tue, 14 Nov 2000, Mike Tancsa wrote:

> On 9 Nov 2000 17:01:58 -0500, in sentex.lists.freebsd.net you wrote:
> 
> >Hi all,
> >
> >Has anyone ever successfully configured VPN (using IPSec protocol) over
> >PPPoE connection?  I have 1 VPN configured over 2 locations with T1
> >connections without any problem (using the KAME IPSec on FreeBSD
> >4.1.1).  However, when I tried the same configuration with the 3rd
> >location running DSL, it seems the IPSec packets can't reach out via tun0
> >device.
> 
> I can do it with manual keying, but not with racoon.  Both transport and
> tunnel mode work for me, but neither works with racoon.  NAT is a bit
> tricky, but then again with tunnel mode, it doesnt really matter.
> 
> 
> One end is
> 4.2-BETA FreeBSD 4.2-BETA #0: Mon Nov 13 13:52:46 EST 2000
> other is 
> 4.2-BETA FreeBSD 4.2-BETA #0: Sun Nov  5 18:25:14 EST 2000 
> 
> This is via the same sort of DSL you are using i.e. Bell Nexxia type stuff
> through a Redback etc...
> 
> I havent had time to send a note to the KAME folk, but when using racoon on
> DSL, I get these sorts of log entries that I dont normally get
> 
> 2000-11-13 23:46:29: isakmp_agg.c:927:agg_r2recv():
> real.addr.totally-diff-subnet.1 ignore the packet, received unexpecting
> payload type 1.
> 2000-11-13 23:46:10: isakmp_inf.c:177:isakmp_info_recv():
> real.addr.totally-diff-subnet.1 ignore the packet, received unexpecting
> payload type 89.
> 2000-11-13 23:52:37: isakmp_inf.c:177:isakmp_info_recv():
> real.addr.totally-diff-subnet.4 ignore the packet, received unexpecting
> payload type 187.
> 
> 	---Mike
> Mike Tancsa  (mdtancsa@sentex.net)		
> Sentex Communications Corp,   		
> Waterloo, Ontario, Canada
> "Given enough time, 100 monkeys on 100 routers 
> could setup a national IP network." (KDW2)
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message