From: Andrew Thomson
To: freebsd-questions@freebsd.org
Date: Tue, 20 Jan 2004 10:29:51 +1100
Subject: ipsec changes in 5.2
Message-Id: <1074554991.701.57.camel@itouch-1011.prv.au.itouchnet.net>

I'm really more interested in changes wrt ipsec since 5.0! ;)

I just upgraded my laptop from 5.0 to 5.2 the other day and now my IPSEC VPN doesn't work.

I run a VPN over my wireless ad hoc network at home. There are just two hosts on the network, the firewall and the laptop. The firewall is running FreeBSD 4.8.

When my laptop was on 5.0 the following setup worked a treat. However, since the upgrade, the VPN has stopped working.

Below are the setkey entries I was using to get the job done.

spdadd 192.168.14.2/32 0.0.0.0/0 any -P in ipsec esp/tunnel/192.168.14.2-192.168.14.1/require;
spdadd 0.0.0.0/0 192.168.14.2/32 any -P out ipsec esp/tunnel/192.168.14.1-192.168.14.2/require;

And racoon for the key exchange.

Any tips?

ajt.