IPSec and VPN
Pierrick Brossin
pbrossin at swissgeeks.com
Tue May 6 03:44:01 PDT 2003
Hi!
I have set up a VPN here at work between two FreeBSD 4.8 machines.
I used a cross-cable to "simulate" the internet connection.
I modified the kernel with IPSEC and IPSEC_ESP. I left gif untouched
"pseudo-device gif" with no number specified.
Then I created a VPN tunnel between 192.168.0.1 and 192.168.0.2 (external IPs
simulated with cross-cable). The internal IPs are 10.41.0.10 and 10.41.1.10.
Up to that point there is no encryption and the tunnel is working. I can ping both sides of it.
If I run "tcpdump -i gif0" on 10.41.0.10 and ping that host from 10.41.1.10 I
see icmp requests and replies.
Now I activated IPSEC in rc.conf and configured /etc/ipsec.conf.
I also installed racoon which exchanges keys without any problem
(/var/log/racoon.log).
And the tunnel is now encrypted and working.
Same thing as before: If I run "tcpdump -i gif0" on 10.41.0.10 and ping that
host from 10.41.1.10 I can't see anything anymore!!!!
I can ping that host and see replies on my screen but on the other machine
tcpdump doesn't output anything. I can also ssh to 10.41.0.10.
Normal or not?
Regards
PS: If you need config files, ask, but since the tunnel is working I thought it
wasn't needed.
--
Pierrick Brossin
IT Employee - Quark Media House Switzerland
Mail: pbrossin_AT_swissgeeks(dot)com
Web: http://www.swissgeeks.com