kintaro oe writes:
> I'm setting up ipsec/vpn on freebsd and openbsd. I try to read this
> how to http://www.securityfocus.com/infocus/1859 but this applies to 2
> openbsd systems. Could anyone help me on how to setup between two systems?

Type "man vpn" on your OpenBSD box and read the section on "Configuring the Keying Daemon [automated keying]". That explains the gory details that ipsecctl and ipsec.conf deliberately hide from you.

The reason for needing the gory details is that while FreeBSD has an /etc/ipsec.conf, its format is different from OpenBSD's and it doesn't have helpful defaults, so you need to specify everything exactly.

The FreeBSD documentation makes a reasonable stab at explaining how to do this at :-

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html

But ignore any mention of gif, and stick with a simple tunnel mode connection as described by the summary at the very end.

You could also look at the following Linux documentation which explains how to configure Racoon, the same IKE daemon that is used on FreeBSD :-

http://www.ipsec-howto.org/x299.html

Finally, the following is an old document covering how to make OpenBSD and NetBSD IPsec interoperate, and since NetBSD also uses Racoon you can use that as a template for the FreeBSD configuration ...

http://www.rommelwood.de/~hshoexer/ipsec-howto/HOWTO.html

