Date: Fri, 9 Apr 2004 14:06:55 -0700 (PDT) From: Timothy Ham <tham@atta.nth-order.com> To: freebsd-questions@freebsd.org Cc: richard@endace.com Subject: Re: Fun with IPSEC and racoon - 5.2.1 Message-ID: <20040409135617.V39400@atta.nth-order.com>
next in thread | raw e-mail | index | archive | help
> >Hi > >I've been having some fun with IPSEC, owing to the need to put in a VPN >between two offices. At the far end, they've got a PIX, and I was pretty >sure I could do this end with one of out FreeBSD boxen. As an >experiment, >I set up IPSEC (with keying provided by Racoon) between my (linux) >desktop >and that FreeBSD machine. That worked Just Fine. Sounds like you're bitten by the broken IPSEC in 5.2 which still hasn't been fixed in 5.2.1. For some reason the ISAKMP traffic that should go around the ipsec policy isn't, and only on outgoing packets. Some info here: http://docs.freebsd.org/cgi/mid.cgi?20040203070435.GB46486
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040409135617.V39400>