vpn trouble
VANHULLEBUS Yvan
vanhu at FreeBSD.org
Tue Jun 22 14:35:48 UTC 2010
On Tue, Jun 22, 2010 at 03:59:50PM +0200, ralf at dzie-ciuch.pl wrote:
>
> Hi,
Hi.
> I try to configure VPN over my server and my client
[....]
According to your racoon's debug (and confirmed by tcpdump), racoon
tries to initiate a phase1 negociation, but never gets any answer from
peer, so you may start by checking peer's logs, and/or compare both
configurations.
[....]
> exchange_mode main, aggressive; # For Firewall-1 Aggressive mode
If that comment in your racoon.conf is right, this is probably your
(first ?) configuration issue: as initiator, racoon will use the first
listed mode, so it will try a main mode negociation here.
Note that, if you have complete access to configurations, aggressive
mode has a lower security level than main mode, so should be avoided
when main mode can also be used !
Yvan.
More information about the freebsd-net
mailing list