Fun with IPSEC and racoon - 5.2.1

Timothy Ham tham at
Fri Apr 9 14:07:22 PDT 2004

>I've been having some fun with IPSEC, owing to the need to put in a VPN
>between two offices.  At the far end, they've got a PIX, and I was pretty
>sure I could do this end with one of out FreeBSD boxen.  As an
>I set up IPSEC (with keying provided by Racoon) between my (linux)
>and that FreeBSD machine.  That worked Just Fine.

Sounds like you're bitten  by the broken IPSEC in 5.2 which still hasn't
been fixed in 5.2.1.  For some reason the ISAKMP traffic that should go
around the ipsec policy isn't, and only on outgoing packets. Some info

More information about the freebsd-questions mailing list