Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 14 Nov 2000 00:09:27 -0500
From:      Mike Tancsa <mike@sentex.net>
To:        mikey@kappaisle.com (Mike)
Cc:        freebsd-net@freebsd.org
Subject:   Re: VPN over PPPoE (racoon at fault?)
Message-ID:  <mcg11tscg1muv0kl3n46ojldqbjid4ruql@4ax.com>
In-Reply-To: <SEN.973807317.134261156@news.sentex.net>
References:  <SEN.973807317.134261156@news.sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 9 Nov 2000 17:01:58 -0500, in sentex.lists.freebsd.net you wrote:

>Hi all,
>
>Has anyone ever successfully configured VPN (using IPSec protocol) over
>PPPoE connection?  I have 1 VPN configured over 2 locations with T1
>connections without any problem (using the KAME IPSec on FreeBSD
>4.1.1).  However, when I tried the same configuration with the 3rd
>location running DSL, it seems the IPSec packets can't reach out via =
tun0
>device.

I can do it with manual keying, but not with racoon.  Both transport and
tunnel mode work for me, but neither works with racoon.  NAT is a bit
tricky, but then again with tunnel mode, it doesnt really matter.


One end is
4.2-BETA FreeBSD 4.2-BETA #0: Mon Nov 13 13:52:46 EST 2000
other is=20
4.2-BETA FreeBSD 4.2-BETA #0: Sun Nov  5 18:25:14 EST 2000=20

This is via the same sort of DSL you are using i.e. Bell Nexxia type =
stuff
through a Redback etc...

I havent had time to send a note to the KAME folk, but when using racoon =
on
DSL, I get these sorts of log entries that I dont normally get

2000-11-13 23:46:29: isakmp_agg.c:927:agg_r2recv():
real.addr.totally-diff-subnet.1 ignore the packet, received unexpecting
payload type 1.
2000-11-13 23:46:10: isakmp_inf.c:177:isakmp_info_recv():
real.addr.totally-diff-subnet.1 ignore the packet, received unexpecting
payload type 89.
2000-11-13 23:52:37: isakmp_inf.c:177:isakmp_info_recv():
real.addr.totally-diff-subnet.4 ignore the packet, received unexpecting
payload type 187.

	---Mike
Mike Tancsa  (mdtancsa@sentex.net)	=09
Sentex Communications Corp,   	=09
Waterloo, Ontario, Canada
"Given enough time, 100 monkeys on 100 routers=20
could setup a national IP network." (KDW2)


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?mcg11tscg1muv0kl3n46ojldqbjid4ruql>