From owner-freebsd-questions Tue Dec 3 3:31:54 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DF59E37B401 for ; Tue, 3 Dec 2002 03:31:53 -0800 (PST) Received: from slacknet.slacknet.com (slacknet.slacknet.com [204.228.135.180]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7B12543ED8 for ; Tue, 3 Dec 2002 03:31:53 -0800 (PST) (envelope-from rj45@slacknet.com) Received: from rj45 (helo=localhost) by slacknet.slacknet.com with local-esmtp (Exim 3.35 #1 (Debian)) id 18JBHM-0007fa-00 for ; Tue, 03 Dec 2002 04:31:52 -0700 Date: Tue, 3 Dec 2002 04:31:52 -0700 (MST) From: RJ45 To: questions@freebsd.org Subject: IPsec VPN between FreeBSD and WinXP Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello. I could set up succesfully a IPSec transport mode VPN between WinXP and FreeBSD 4.7 The problem is that it works only if I Start the first connection from WinXP to FreeBSD box, and the vice versa does not work. If The very first IPSec connection starts from FreeBSD I have this kind of errors: Dec 3 12:32:41 hal9000 /kernel: IPv4 ESP input: no key association found for spi 69118078 Instead once I ping from WinXP then I Can also ping from FreeBSD to WinXP succesfully. It looks like IPsec transport cannot be initialized if FreeBSD starts a connection with its peer IPsec WinXP host. any hints about this?? I used this document as reference for setting up IPsec VPN: http://www.wiretapped.net/~fyre/ipsec/ thanks Rick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message