IPSEC help

Bjoern Engels bj at 0x20.net
Tue Nov 20 03:08:33 PST 2007

On Tue, Nov 20, 2007 at 02:57:17AM -0800, john decot wrote:
> Hi,
>       I have checked with different mode that obey and found error no valid proposal  and again i change lifetime too in bsd server. But I can't found where should i have to change those parameter in remote windows ipsec box.
>       Could you please suggest me. 

> 2007-11-17 13:46:22: DEBUG: Compared: DB:Peer                                                                                                                                                                     
> 2007-11-17 13:46:22: DEBUG: (lifetime = 1800:28800)

I suggest you change the lifetime in racoon's config to 28800 seconds if
you cannot change it at the peer.
Aonther thing I'd check is encryption/hash algorithms. You'll probably
have the best compatibility if you change everything to 3DES-MD5.
Viele Gruesse // Best regards
Bjoern Engels

More information about the freebsd-security mailing list