From: "Crist J. Clark"
To: questions@freebsd.org
Date: Tue, 2 Sep 2003 21:28:27 -0700
Subject: Win2k to racoon Cookbook
Message-ID: <20030903042827.GA32169@blossom.cjclark.org>

I know I've seen multiple howto's and mails describing how to do this in the past, but the heck if I can Google one or pull one out of the archives at the moment.

I have Win2k at one end and FreeBSD/racoon on the other.
The Win2k systems acquire addresses by DHCP. I've seen documents describing how to do,

  Win2k ---- { Internet } ---- FreeBSD/racoon ---- { Private Net }
    |________________________________|
                VPN tunnel

But like I said, I'm coming up dry. I've got certs set up, and racoon will do cert (rsasig) authentication with other racoon peers. I need help with the Win2k end.

I should mention that I'm kind of trying to do the reverse. I really am doing,

                                { Private Net }
  Win2k ---------- { Wireless }        |
  FreeBSD/racoon - { LAN } -- FreeBSD/racoon -- { Internet }
        |_______________|
            VPN tunnel

I am trying to secure my wireless LAN by doing IPsec since WEP is hopelessly broken (and since I can't figure out how to get Win2k and FreeBSD to use the same keys). The FreeBSD/racoon to FreeBSD/racoon is up and I must say, is reaaaaly cool. Now if I could get the Win2k running over IPsec, it would be great.

Where'd those howto's get to? Anyone got something like this going?

-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org