IPsec with racoon

Adam Bayless adam at baylessfamily.org
Wed Oct 8 08:15:20 PDT 2003 

Rick,

Thanks for the suggestion, but it is a publicly routable address. It 
actually appears to be getting all of phase 1 complete and most of phase 2 
but just never passes any traffic across the VPN tunnel itself, so I am 
past the basic connectivity issues.

Anyone else have any thoughts?

Thanks,

Adam




At 03:06 PM 10/7/2003, rduvall at onlinehighways.net wrote:
>Is the external IP address of your VPN device an internet routable IP 
>address?
>I know that if you are on an ADSL without static IP (like Qwest or MSN 
>adsl) the
>IP address that is automatically assigned via DHCP by the DSL modem is 
>private
>IP space, and therefore your VPN will not work.  I resorted to getting an
>Alcatel Speedtouch USB modem and plugging it into a FreeBSD box for my 
>Qwest MSN
>and set my VPN to go between the 2 FreeBSD boxes.  This gave my 
>firewall/gateway
>a real IP address.  Granted, it is dynamic and I have to change my vpn every
>time my IP address get's re-negotiated, but at least it works.  I am 
>trying to
>figure out a way to dynamicly change the VPN config on both ends when ppp 
>comes
>up so I don't have to do it manually.
>
>Sincerely,
>
>Rick Duvall
>
>--- Adam Bayless <adam at baylessfamily.org> wrote:
> > I've followed a couple of the tutorials available on the web, including 
> the
> > one in the FreeBSD manual, for setting up an IPsec tunnel between two
> > FreeBSD machines, but I am trying to connect to a netgear VPN device. I'm
> > getting past phase 1 and getting an SA but the traffic will not flow.
> >
> > Without quoting every piece of config, does anybody have any pointers on
> > what might differ between the tutorials on FreeBSD <-> FreeBSD and talking
> > to a VPN device?
> >
> > Thanks,
> >
> > Adam
> >
> >
> >
> >
> >
> > ------------------------------------------------------------
> > Adam Bayless                    |      vi /etc/mail/aliases
> > Fibernet System Janitor         |      complaints: /dev/null
> > adam at baylessfamily.org          |      :wq
> > baylessfamily.org/~abayless     |      newaliases
> > ------------------------------------------------------------
> >
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to 
> "freebsd-questions-unsubscribe at freebsd.org"
> >



------------------------------------------------------------
Adam Bayless                    |      vi /etc/mail/aliases
Fibernet System Janitor         |      complaints: /dev/null
adam at baylessfamily.org          |      :wq
baylessfamily.org/~abayless     |      newaliases
------------------------------------------------------------

More information about the freebsd-questions mailing list