Date: Fri, 16 Nov 2001 12:10:29 -0800 (PST) From: Julian Elischer <julian@elischer.org> To: Shoichi Sakane <sakane@kame.net> Cc: icb-bsd@wi.rr.com, rsmith@vetx.com, freebsd-net@FreeBSD.ORG Subject: Re: Re[2]: IPSEC / RAPTOR Firewall Interaction Message-ID: <Pine.BSF.4.21.0111161209550.6632-100000@InterJet.elischer.org> In-Reply-To: <Pine.BSF.4.21.0111161150080.6632-100000@InterJet.elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
ignore this mail it was sent in error.. the answer was to a different email On Fri, 16 Nov 2001, Julian Elischer wrote: > The person who you really have to speak to is Andre Oppermann > Unfortunatly he just left his job and so I don't have his new email > address on me.. > I wrote the basic driver for him and he has the legal side of it.. > > julian > > On Fri, 16 Nov 2001, Shoichi Sakane wrote: > > > > What about info in regards to running a FreeBSD IPSEC server (racoon) > > > with DHCP clients (road warriors)? I haven't seen anything about that...is it > > > possible? If so...any links to info? Thanks in advance. > > > > racoon can exchange SAs in such a scenario by using "generate_policy" > > directive. but there is no documentation. the only one is probably > > racoon.conf(5). you know there are some scenario about "road warriors". > > also, IKE and IPsec have many tweaks. so there are some solutions to > > solve scenarios. here is one of them. > > > > i'm using a laptop PC and the ip address is assigned dynamically. > > i access to the mail server from my laptop. i only use the ipsec > > transport mode. i use certificates because this is the way to solve > > the scenario with IKE main mode. i attach my configuration to this mail. > > > > 1. racoon.conf in the laptop. > > 2. policy parameter in the laptop. > > 3. racoon.conf in the server. > > no need server's policy configuration. > > > > it hope it help you. > > > > regards, > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0111161209550.6632-100000>