From owner-freebsd-security@FreeBSD.ORG  Wed Jan 25 17:56:31 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 476AB16A420
	for <freebsd-security@freebsd.org>;
	Wed, 25 Jan 2006 17:56:31 +0000 (GMT)
	(envelope-from fgleiser@cactus.fi.uba.ar)
Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A986443D7F
	for <freebsd-security@freebsd.org>;
	Wed, 25 Jan 2006 17:56:21 +0000 (GMT)
	(envelope-from fgleiser@cactus.fi.uba.ar)
Received: from localhost (localhost [127.0.0.1])
	by cactus.fi.uba.ar (8.13.4/8.13.4) with ESMTP id k0PHuYAt037035;
	Wed, 25 Jan 2006 14:56:34 -0300 (ART)
	(envelope-from fgleiser@cactus.fi.uba.ar)
Date: Wed, 25 Jan 2006 14:56:34 -0300 (ART)
From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar>
To: Vaida Bogdan <vaida.bogdan@gmail.com>
In-Reply-To: <12848a3b0601230055h12b7169uce7f1fbb2f0da8e6@mail.gmail.com>
Message-ID: <20060125145213.A65853@cactus.fi.uba.ar>
References: <12848a3b0601221142r2161c20ka6d128ecf5c299aa@mail.gmail.com>
	<43D3E694.9040902@aeternal.net>
	<12848a3b0601230055h12b7169uce7f1fbb2f0da8e6@mail.gmail.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Scanned-By: MIMEDefang 2.52 on 157.92.49.108
Cc: freebsd-security@freebsd.org
Subject: Re: setting up vpn client on a freebsd workstation
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Jan 2006 17:56:31 -0000

On Mon, 23 Jan 2006, Vaida Bogdan wrote:

> I don't need openvpn, I need IPSEC (KAME). So none of the proposed
> solutions work.
>
> I am the "FreeBSD Client" in the configuration so I can't change the
> server vpn implementation.
>

Some basic questions: are your certificates self-signed? are your 
certificates and the linux ones signed by the same CA? you need to send
your certificate and your CA's certificate to the linux admin so s?he
can install them in the linux box.

For the local config, look here:

http://ezine.daemonnews.org/200502/ipsec.html


Hope this helps


 		Fer