Eu fiz em OpenBSD usando isakmpd e funcionou bem.... Esse é o meu /etc/isakmpd.conf:
[General] Retransmits= 5 Listen-on= IP_MINHA_MAQ_VPN Default-phase-1-lifetime= 3600,60:86400 Default-phase-2-lifetime= 3600,60:3600 [Phase 1] 170.66.Y.X= HOST_SUA_REDExREDE_BB [Phase 2] Connections= VPN-HOST_MINHA_REDExREDE_BB [HOST_MINHA_REDExREDE_BB] Phase= 1 Transport= udp Local-address= IP_MINHA_MAQ_VPN Address= IP_GW_VPN_BB Configuration= Default-main-mode Authentication= SUA_SENHA [VPN-HOST_MINHA_REDExREDE_BB] Phase= 2 ISAKMP-peer= HOST_MTExREDE_BB Configuration= Default-quick-mode Local-ID= HOST_MTE Remote-ID= REDE_BB [MEU_HOST] ID-type= IPV4_ADDR Address= IP_MINHA_MAQ_VPN [REDE_BB] ID-type= IPV4_ADDR_SUBNET Network= REDE_BB Netmask= 255.255.255.0 [Default-main-mode] DOI= IPSEC EXCHANGE_TYPE= ID_PROT Transforms= 3DES-MD5 [Default-quick-mode] DOI= IPSEC EXCHANGE_TYPE= QUICK_MODE Suites= QM-ESP-3DES-MD5-SUITE # CONFIGURACOES DO ISAKMP (IKE) - FASE 1 [3DES-MD5] ENCRYPTION_ALGORITHM= 3DES_CBC HASH_ALGORITHM= MD5 AUTHENTICATION_METHOD= PRE_SHARED #GROUP_DESCRIPTION= ANY Life= Default-phase-1-lifetime # IPSEC-SUITE - FASE 2 [QM-ESP-3DES-MD5-SUITE] Protocols= QM-ESP-3DES-MD5 # ESPECIFICACOES DO QUICK-MODE - FASE 2 [QM-ESP-3DES-MD5] PROTOCOL_ID= IPSEC_ESP Transforms= QM-ESP-3DES-MD5-XF # ESPECIFICACOES DO TRANSFORM-MODE - FASE 2 [QM-ESP-3DES-MD5-XF] TRANSFORM_ID= 3DES ENCAPSULATION_MODE= TUNNEL AUTHENTICATION_ALGORITHM= HMAC_MD5 Life= Default-phase-2-lifetime Depois foi só rodar o isakmpd e correr pro abraço. =D Espero que ajude ! []'s --------- No stupid signatures here. http://www.webcrunchers.com/crunch/ ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
