From owner-freebsd-questions@FreeBSD.ORG Sun Aug 27 22:24:30 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4672416A4DA for ; Sun, 27 Aug 2006 22:24:30 +0000 (UTC) (envelope-from stapleton.41@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.173]) by mx1.FreeBSD.org (Postfix) with ESMTP id 701FC43D45 for ; Sun, 27 Aug 2006 22:24:29 +0000 (GMT) (envelope-from stapleton.41@gmail.com) Received: by ug-out-1314.google.com with SMTP id m2so1551616uge for ; Sun, 27 Aug 2006 15:24:28 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=s9Z1qAxtDL28ViONmj+GZ8rDK/4xERJblDv6WC+5N23jy1ym6Apv6mJl2l1yjPTYVVpdlN3ZclhkpIiv866Q9wl8TmwwUkJki5z2DP3Wgop0a1jAwNTH5eupsvyQyugtej3PG6Aeukd1eP4MD1wKykUrq4yyqBmU6Ikplf6JPhU= Received: by 10.66.221.19 with SMTP id t19mr3364077ugg; Sun, 27 Aug 2006 15:24:28 -0700 (PDT) Received: by 10.67.98.16 with HTTP; Sun, 27 Aug 2006 15:24:28 -0700 (PDT) Message-ID: <80f4f2b20608271524t560e31f8qd30b773da75b8609@mail.gmail.com> Date: Sun, 27 Aug 2006 18:24:28 -0400 From: "Jim Stapleton" To: freebsd-questions@freebsd.org In-Reply-To: <44F21AC3.2080908@locolomo.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <80f4f2b20608271358l32b84ed6m5c6e5819d38c5c01@mail.gmail.com> <44F21AC3.2080908@locolomo.org> Subject: Re: IPSEC, am I missing something? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Aug 2006 22:24:30 -0000 OK, thanks. Right now there are no "problems", I just am looking to figure out how to connect to my works VPN from home. Right now I'm looking at the actual VPN part, but after that I have to check how to do remote desktop/terminal services for the windows server I have to work on. Thank you, -Jim Stapleton On 8/27/06, Erik N=F8rgaard wrote: > Jim Stapleton wrote: > > > What I found and added: > > #ipsec: Required for VPN > > options IPSEC #IP security > > options IPSEC_ESP #IP security (crypto; define w/ IPSEC) > > #ipsec optimsations > > options FAST_IPSEC # new IPsec (cannot define w/ IPSEC) > > options IPSEC_FILTERGIF #filter ipsec packets from a tunnel > > > > before adding these, I just had the default 6.1 generic kernel file > > with a few things commented and a couple uncommented. > > Just start with the first two options, then add the others if needed. > But before you start, check if this actually solves the problem. There > is a well known problem with IPSec across NAT-firewalls: Authenticated > Headers don't work. > > Not all kernel options are in the GENERIC file, look for the NOTES file, > platform specific NOTES are where you find the GENERIC for your > platform, but there is also a general NOTES. > > Cheers, Erik > -- > Ph: +34.666334818 web: http://www.locolomo.org > X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt > Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 > > >