From owner-freebsd-security Sun Mar 11 20:50:16 2001 Delivered-To: freebsd-security@freebsd.org Received: from smtprelay1.adelphia.net (smtprelay1.adelphia.net [64.8.25.6]) by hub.freebsd.org (Postfix) with ESMTP id A58A837B719; Sun, 11 Mar 2001 20:50:09 -0800 (PST) (envelope-from packetwhore@stargate.net) Received: from pa-westmifflin1a-385.pit.adelphia.net ([24.48.239.129]) by smtprelay1.adelphia.net (Netscape Messaging Server 4.15) with ESMTP id GA2IQX00.U4C; Sun, 11 Mar 2001 23:49:45 -0500 Date: Sun, 11 Mar 2001 23:42:59 -0500 (EST) From: pW X-X-Sender: To: Bob Van Valzah Cc: , Subject: Re: Racoon Problem & Cisco Tunnel In-Reply-To: <3AAC52F4.1000602@Talarian.Com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Out of curiosity... do your DSL users have public static IPs? I work at an ISP and almost all of our DSL customers have static private IPs and use NAT for public ones... just wondering because you may have to enable some sort of NAT transparency otherwise it may break the VPN... just a thought... shawn On Sun, 11 Mar 2001, Bob Van Valzah wrote: > I have several remote FreeBSD users who want to connect their home LANs > to my trusted network over an IPSec tunnel via a DSL connection. I'd > like my end of the tunnel to terminate on a Cisco if possible. (Though I > do have many FreeBSD boxes handy, I just feel better when layer-2 > infrastructure doesn't depend on boxes with hard drives.) Any general > advice on how to do this would be appreciated. > > As near as I can tell, I have to run racoon and configure it for > pre-shared keys to talk to the cisco. But I don't think the racoon is > even starting right. I get this message: "ERROR: > pfkey.c:207:pfkey_handler(): pfkey X_SPDDUMP failed No such file or > directory." Happens with the config files I've written and the stock > ones. I'm running a freshly sup'd box with racoon-20010222a built from > ports. > > All help and advice appreciated. > > Thanks, > > Bob > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message