IPSEC help
Bjoern Engels
bj at 0x20.net
Thu Nov 15 05:04:37 PST 2007
Hi John,
On Thu, Nov 15, 2007 at 03:14:04AM -0800, john decot wrote:
> I am new to IPsec and am trying to connect my BSD server with Win 2000. I have succeeded in tunneling using a pre-shared key, but with certificates I failed to get it working.
>
> The following are configuration :
>
> racoon.conf
[...]
> --------------------------END------------------------------------------------------------------
> The certificates are created on BSD with the following commands:
Log file contents would be helpful. Anyway - I had these statements in
my config file a while ago, when I used racoon with certificates:
remote anonymous {
    [...]
    ca_type x509 "cacert.pem";
    certificate_type x509 "foo.net.pem" "foo.key-nopass";
    peers_certfile x509 "bar.pem";
    send_cert on;
    my_identifier asn1dn;
    peers_identifier asn1dn "C=foo, ST=foo, L=foo, O=foo, CN=bar/emailAddress=foo";
    verify_identifier on;
    [...]
}
You'll have to fill in the correct values for peers_identifier asn1dn,
of course.
HTH
--
Viele Gruesse // Best regards
Bjoern Engels
:wq!
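
Added example, not part of the original message or of racoon itself: a small Python check over a remote block like the one above. It flags a peers_identifier that is not enforced (racoon.conf(5) only compares it against the peer's ID payload when verify_identifier is on) and the placeholder DN from the post left unedited. The function names and the sample text are constructed for illustration.

```python
import re

PLACEHOLDER_DN = "C=foo, ST=foo, L=foo, O=foo, CN=bar/emailAddress=foo"

# Constructed sample: the remote block from the post, "[...]" lines omitted.
SAMPLE = """remote anonymous {
    ca_type x509 "cacert.pem";
    certificate_type x509 "foo.net.pem" "foo.key-nopass";
    peers_certfile x509 "bar.pem";
    send_cert on;
    my_identifier asn1dn;
    peers_identifier asn1dn "%s";
    verify_identifier on;
}
""" % PLACEHOLDER_DN

def remote_directives(conf):
    """Return {name: [args]} for the top-level statements of the first remote block."""
    conf = re.sub(r"#.*", "", conf)          # drop '#' comments
    start = conf.index("{", conf.index("remote"))
    depth, top = 0, []
    for ch in conf[start:]:
        if ch == "{":
            if depth:
                top.append(";")              # close the header of a nested block
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                break
        elif depth == 1:                     # skip contents of nested blocks
            top.append(ch)
    out = {}
    for m in re.finditer(r'(\w+)((?:\s+(?:"[^"]*"|[^\s;"]+))*)\s*;', "".join(top)):
        out[m.group(1)] = [a or b for a, b in re.findall(r'"([^"]*)"|(\S+)', m.group(2))]
    return out

def lint(d):
    """Return findings about peer identity checking in a certificate-based remote block."""
    findings = []
    peer_id = d.get("peers_identifier", [])
    if d.get("verify_identifier") != ["on"]:
        findings.append("verify_identifier is not on: peers_identifier is not enforced")
    elif len(peer_id) < 2:
        findings.append("verify_identifier on, but no peers_identifier value to compare")
    if peer_id[1:] == [PLACEHOLDER_DN]:
        findings.append("peers_identifier still holds the placeholder DN from the post")
    if len(d.get("certificate_type", [])) != 3:
        findings.append("certificate_type x509 needs a certificate file and a key file")
    return findings
```

Running lint(remote_directives(text)) on your own racoon.conf text returns an empty list when none of these conditions apply.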