Date: Thu, 12 Jun 2003 18:08:11 +1000
From: "Peter Sandilands" <peter@sandilands.vu>
To: freebsd-net@freebsd.org
Subject: FBSD 4.8 + IPSEC + Racoon to D-Link Dl804V Any experiences?
Message-ID: <3EE8C18B.3263.5BFB1F8@localhost>

Hi,

Trying to finish off setting up a VPN (ESP Tunnel mode) between a FreeBSD 4.8 box and a D-Link router Dl-804V.

After much fiddling and configing I have a setup that works as long as I establish the tunnel from the D-link end. All then works fine from a VPN standpoint. I cannot seem to provoke the Tunnel into action from the lan behind the FreeBSD box.

I have tried with the distributed version of racoon.conf and have most success with a purpose-crafted version.

Running racoon in foreground with -v and -d provides me with LOTS of info :-) Not all of which is easy to follow. Adding -l and logging to a file provides even more info.

From what I can see - the Fbsd box starts a Phase 1 IKE-SA in aggressive mode, builds the packet, sends it to the other end. It then re-sends the packet and keeps doing that. I don't see any message labelled as "error" by racoon.

All I seem able to set at the D-link is pre-shared or manual key (using pre-shared), use DES or 3DES, use perfect forward secrecy or not and what they call Key life (defaults to 3600) and Ike Life Time (defaults to 28800 sec).

Anyone done this before? Any pointers on where I can look further? I have trawled the web pretty extensively.

regards
Pete