From owner-freebsd-net Thu Nov 15 17:59:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from mine.kame.net (kame195.kame.net [203.178.141.195]) by hub.freebsd.org (Postfix) with ESMTP id 1925137B405 for ; Thu, 15 Nov 2001 17:59:49 -0800 (PST) Received: from localhost ([3ffe:501:41c:2000:e89c:3277:c904:dbcf]) by mine.kame.net (8.11.1/3.7W) with ESMTP id fAG1t3x11753; Fri, 16 Nov 2001 10:55:03 +0900 (JST) To: rsmith@vetx.com Cc: freebsd-net@freebsd.org Subject: Re: IPSEC / RAPTOR Firewall Interaction In-Reply-To: Your message of "Thu, 15 Nov 2001 17:12:08 -0500" References: X-Mailer: Cue version 0.6 (011026-1440/sakane) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Message-Id: <20011116105949D.sakane@kame.net> Date: Fri, 16 Nov 2001 10:59:49 +0900 From: Shoichi Sakane X-Dispatcher: imput version 20000228(IM140) Lines: 20 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > I'm attempting to figure out how to setup an IPv4 IPSEC tunnel between > two of our other offices (running Symantec Raptor 6.50 for Windows NT) > and my FreeBSD firewall here in my office (4.2-RELEASE) > > Here's a little network diagram of the situation: > > x.x.51.24 (my inside) <--> x.x.5.254 (my external address) <--- > Internet ---> x.x.42.26 (Their External) <--> 172.16.11.0 (Their > Internal) > > On their firewall (Raptor) they are connecting to me using SHA1 / 3DES > with no data compression, also using pre-shared keys. > > I'd like to do this using gif0 tunnels, but I just can't figure out how > to set it all up correctly. don't forget that the generic tunnel(gif) is different from the ipsec tunnel. when you use gif, you have to configure the raptor firewall to use ipsec TRANSPORT mode. Or you should use racoon with the ipsec tunnel mode, without gif. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message