Date:      Thu, 15 Nov 2007 14:04:34 +0100
From:      Bjoern Engels <bj@0x20.net>
To:        john decot <johndecot@yahoo.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: IPSEC help
Message-ID:  <20071115130434.GA78982@e.0x20.net>
In-Reply-To: <199790.94058.qm@web55411.mail.re4.yahoo.com>
References:  <199790.94058.qm@web55411.mail.re4.yahoo.com>

Hi John,

On Thu, Nov 15, 2007 at 03:14:04AM -0800, john decot wrote:
> I am new to ipsec and trying to connect my bsd server with win 2000. I have succeeded to tunnel using pre-shared key. But regarding certificate, I failed to get success.
> 
> The following are configuration:
> 
> racoon.conf
[...]
> --------------------------END------------------------------------------------------------------
> certificate are created in bsd with following commands:

Log file contents would be helpful. Anyway - I had these statements in
my config file a while ago, when I used racoon with certificates:

remote anonymous {
[...]
        ca_type          x509 "cacert.pem";
        certificate_type x509 "foo.net.pem" "foo.key-nopass";
        peers_certfile   x509 "bar.pem";
        send_cert on;
        my_identifier    asn1dn;
        peers_identifier asn1dn "C=foo, ST=foo, L=foo, O=foo, CN=bar/emailAddress=foo";
        verify_identifier on;
[...]
}

You'll have to fill in the correct values for peers_identifier asn1dn,
of course.

HTH
-- 
Viele Gruesse // Best regards
Bjoern Engels
                                                                    :wq!
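
Added example, not part of the original message and not the poster's or the racoon project's code: one way to fill in the `peers_identifier asn1dn` value from the peer certificate's subject, in the comma-separated form the message uses. The function names are hypothetical and the sample subject lines are constructed from the placeholder DN above.

```sh
#!/bin/sh
# Added example: build racoon's peers_identifier line from the output of
#   openssl x509 -in bar.pem -noout -subject
# Function names are hypothetical; sample lines below are constructed.

# Read one "subject=" line on stdin and print the DN as "K=V, K=V, ...".
# Accepts both layouts openssl prints:
#   subject= /C=foo/ST=foo/CN=bar          (slash-separated)
#   subject=C = foo, ST = foo, CN = bar    (comma-separated, spaced '=')
# Limitation: values that themselves contain ',' or '/KEY=' are not handled.
subject_to_asn1dn() {
    sed -e 's/^subject= *//' \
        -e 's|^/||' \
        -e 's/ *= */=/g' \
        -e 's|/\([A-Za-z][A-Za-z0-9.]*=\)|, \1|g' \
        -e 's/, */, /g'
}

# Wrap the DN in a config line; refuse input that would yield a broken or
# empty identifier instead of writing it into racoon.conf.
peers_identifier_line() {
    dn=$(subject_to_asn1dn)
    case $dn in
        ''|*'"'*) echo "unusable subject DN: '$dn'" >&2; return 1 ;;
        *=*)      printf 'peers_identifier asn1dn "%s";\n' "$dn" ;;
        *)        echo "no KEY=value pairs in: '$dn'" >&2; return 1 ;;
    esac
}

# Constructed sample lines using the placeholder DN from the message.
for line in \
    'subject= /C=foo/ST=foo/L=foo/O=foo/CN=bar/emailAddress=foo' \
    'subject=C = foo, ST = foo, L = foo, O = foo, CN = bar, emailAddress = foo'
do
    printf '%s\n' "$line" | peers_identifier_line
done
```

Against a real certificate: `openssl x509 -in bar.pem -noout -subject | peers_identifier_line`, with the field order left exactly as the certificate gives it.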


