From owner-freebsd-stable@FreeBSD.ORG  Fri Oct  5 14:05:28 2007
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 05FDD16A418;
	Fri,  5 Oct 2007 14:05:28 +0000 (UTC) (envelope-from emss@free.fr)
Received: from kraid.nerim.net (kraid.ipv6.nerim.net [IPv6:2001:7a8:1:1::95])
	by mx1.freebsd.org (Postfix) with ESMTP id 78D1413C45A;
	Fri,  5 Oct 2007 14:05:27 +0000 (UTC) (envelope-from emss@free.fr)
Received: from srvbsdnanssv.interne.kisoft-services.com (kisoft.net1.nerim.net
	[62.212.107.51])
	by kraid.nerim.net (Postfix) with ESMTP id 76CCACF0B6;
	Fri,  5 Oct 2007 16:05:25 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
	by srvbsdnanssv.interne.kisoft-services.com (Postfix) with ESMTP id
	9467517541; Fri,  5 Oct 2007 16:05:24 +0200 (CEST)
X-Virus-Scanned: amavisd-new at interne.kisoft-services.com
Received: from srvbsdnanssv.interne.kisoft-services.com ([127.0.0.1])
	by localhost (srvbsdnanssv.interne.kisoft-services.com [127.0.0.1])
	(amavisd-new, port 10024)
	with ESMTP id L0EUB6vcdLKQ; Fri,  5 Oct 2007 16:05:14 +0200 (CEST)
Received: by srvbsdnanssv.interne.kisoft-services.com (Postfix,
	from userid 1001)
	id 6D8C117563; Fri,  5 Oct 2007 16:05:14 +0200 (CEST)
To: "Bubble Reading" <bubblereading@gmail.com>
From: Eric Masson <emss@free.fr>
In-Reply-To: <a65132710710050630r4c7fe649n3b7b05ff4c81a1db@mail.gmail.com>
	(Bubble Reading's message of "Fri, 5 Oct 2007 14:30:30 +0100")
References: <a65132710710050550w45e14cf4oe59923a318fc4d41@mail.gmail.com>
	<47063B2F.4080801@FreeBSD.org>
	<a65132710710050630r4c7fe649n3b7b05ff4c81a1db@mail.gmail.com>
X-Operating-System: FreeBSD 6.2-RELEASE-p7 i386
Date: Fri, 05 Oct 2007 16:05:14 +0200
Message-ID: <86wsu1ac85.fsf@srvbsdnanssv.interne.kisoft-services.com>
User-Agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15
Content-Transfer-Encoding: 8bit
Cc: freebsd-stable@freebsd.org
Subject: Re: OpenSWAN equivalent on FreeBSD
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Oct 2007 14:05:28 -0000

"Bubble Reading" <bubblereading@gmail.com> writes:

Hi,

(Please don't top post)

> Set up IPSec on FreeBSD (Use Fast IPSec)
>
>     - Run VPN tests for the different ciphers & modes
>       - Run with OCF and a cryptosoft variant
>
> How do I do this ? Is there some documentation ?

http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html
should give you some indication, there's a mistake in the setup (mixing
gif & esp tunnels, just use esp tunnels or gif tunnels over esp
transport)

You need to install an iked, like isakmpd or racoon, if you don't want
to use manual keying (ports come with man pages) :
/usr/ports/security/ipsec-tools
/usr/ports/security/isakmpd

For details regarding ipsec usage/implementation on FreeBSD , take a
look at the man pages :
man 4 fast_ipsec
man 4 crypto

Regards

-- 
 Cela m'a même déjà valu quelques discussions animés avec mes paires
 -+- FC in <http://www.le-gnu.net> : Tête à tête ou tête à queue ? -+-