From: Dru (dlavigne6_at_cogeco.ca)
Date: Sat Jul 27 2002 - 07:39:46 CDT
On Fri, 26 Jul 2002, Matthew Grooms wrote:
> I have a freebsd related ipsec question. I have set up a checkpoint
> vpn1/fw1 NG (feature pack 2) gateway for vpn connectivity to the
> hospital I work for. Most of the guys on my team run linux/bsd at their
> house so I have set up encrypt rules in vpn1 to allow us connect to the
> checkpoint box and tunnel into our network from home. In any case, one
> of my coworkers has had pretty good success with the freeswan ( can
> connect and route traffic ) but I am getting some weird behavior using
> racoon/kame ipsec. I was hoping someone could help me out with this. I
> have attached most configuration info in this email and am more than
> willing to try just about anything to get this up and running. I could
> even go so far as to set up a temporary profile in a sandbox if someone
> who knows what they are doing would like to take a stab at it.
> I am running Checkpoint VPN1/FW1 with Feature pack 2 installed. The
> VPN1 side is set up to reflect my freebsd configuration. I am using
> preshared keys for authentication 3des/md5 & pfs. ( although I have
> tried a myriad of permutations ) The freebsd side is version 4.4 with
> the following kernel options.
Have you tried a "tcpdump port 500" during Phase 1 negotiations? This will
show the proposal exchange so you can see which parts aren't matching up.
If that doesn't do it, send that output along with your racoon.conf file.
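Added example, not part of the original thread: the Phase 1 proposal comparison suggested in the reply above, done by decoding the SA payload of a captured UDP port 500 message and diffing each offered transform against the policy the peer is expected to accept. The function names, the `SAMPLE` bytes and the `EXPECTED` policy (3des/md5/preshared key as in the question, DH group assumed) are constructed for illustration.

```python
import struct

# IKE Phase 1 attribute classes/values, subset of RFC 2409 Appendix A.
ATTRS = {1: ("enc", {1: "des", 5: "3des", 7: "aes"}),
         2: ("hash", {1: "md5", 2: "sha1"}),
         3: ("auth", {1: "psk", 3: "rsasig"}),
         4: ("dhgroup", {1: "modp768", 2: "modp1024", 5: "modp1536"})}

def parse_attrs(buf):  # decode the data attributes of one transform payload
    out, i = {}, 0
    while i + 4 <= len(buf):
        typ, val = struct.unpack_from("!HH", buf, i)
        if typ & 0x8000:                    # AF=1: 2-byte value follows type
            name, names = ATTRS.get(typ & 0x7FFF, (None, {}))
            if name:
                out[name] = names.get(val, str(val))
            i += 4
        else:                               # AF=0: val is a length (e.g. lifetime)
            i += 4 + val
    return out

def phase1_transforms(msg):
    """Return one attribute dict per transform in the leading SA payload."""
    if len(msg) < 48 or msg[16] != 1:       # byte 16 = next payload, 1 = SA
        raise ValueError("not an ISAKMP message that starts with an SA payload")
    sa = msg[28:28 + struct.unpack_from("!H", msg, 30)[0]]
    pos = 12                                # skip generic header, DOI, situation
    spi_size, count = sa[pos + 6], sa[pos + 7]
    pos += 8 + spi_size                     # first transform follows the SPI
    found = []
    for _ in range(count):
        t_len = struct.unpack_from("!H", sa, pos + 2)[0]
        if t_len < 8 or pos + t_len > len(sa):
            raise ValueError("truncated transform payload")
        found.append(parse_attrs(sa[pos + 8:pos + t_len]))
        pos += t_len
    return found

def mismatches(offered, expected):
    """Per offered transform: {attr: (offered, expected)} where they differ."""
    return [{k: (t.get(k), v) for k, v in expected.items() if t.get(k) != v}
            for t in offered]
# Constructed sample (not a real capture): Main Mode message 1 with two transforms.
SAMPLE = bytes.fromhex(
    "11223344 55667788 00000000 00000000 01100200 00000000 00000078 "  # header
    "0000005c 00000001 00000001 00000050 01010002 "             # SA + proposal
    "03000024 01010000 80010005 80020001 80030001 80040002 800b0001 000c0004 00007080 "
    "00000024 02010000 80010005 80020002 80030001 80040001 800b0001 000c0004 00007080")
EXPECTED = {"enc": "3des", "hash": "md5", "auth": "psk", "dhgroup": "modp1024"}  # assumed
```

An empty dict in the `mismatches(phase1_transforms(SAMPLE), EXPECTED)` result marks a transform the peer should accept; a non-empty one names the attributes that differ.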