also, same problem....
Fuchs, Martin schrieb:
Same problem here L
*Von:* David L. Strout [mailto:[EMAIL PROTECTED]
*Gesendet:* Sonntag, 8. Juli 2007 20:38
*An:* pfSense Support
*Betreff:* [pfSense Support] Latest build - IPSec broken
I have been running 1.2-BETA-2 since early last week and all seems
great. I just upgraded two test boxes (with pre-configured & working
IPSec tunnels) to the latest 1.2-BETA-2 SNAP and it severely broke IPSec.
racoon.conf:
path pre_shared_key "/var/etc/psk.txt";
path certificate "/var/etc";
remote 63.63.63.63{
exchange_mode main;
my_identifier address "63.63.63.64";
peers_identifier address 63.63.63.63;
initial_contact on;
support_proxy on;
proposal_check obey;
proposal {
encryption_algorithm rijndael 256;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group 5;
lifetime time 28800 secs;
}
lifetime time 28800 secs;
}
sainfo address 192.168.168.0/24 any address 10.10.10.0/24any {
encryption_algorithm rijndael 256;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
pfs_group 5;
lifetime time 3600 secs;
}
I have recently switched my test tunnels to rijndael 256 w/ SHA1 ....
everythings works great when I downgraded back to the original 1.2-BETA-2.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
