IPSEC help
Bjoern Engels
bj at 0x20.net
Tue Nov 20 03:08:33 PST 2007
On Tue, Nov 20, 2007 at 02:57:17AM -0800, john decot wrote:
> Hi,
>
> I have checked with different mode that obey and found error no valid proposal and again i change lifetime too in bsd server. But I can't found where should i have to change those parameter in remote windows ipsec box.
>
> Could you please suggest me.
[...]
> 2007-11-17 13:46:22: DEBUG: Compared: DB:Peer
> 2007-11-17 13:46:22: DEBUG: (lifetime = 1800:28800)
I suggest you change the lifetime in racoon's config to 28800 seconds if
you cannot change it at the peer.
Aonther thing I'd check is encryption/hash algorithms. You'll probably
have the best compatibility if you change everything to 3DES-MD5.
--
Viele Gruesse // Best regards
Bjoern Engels
:wq!
More information about the freebsd-security
mailing list