>The only problem I've encountered is that, when making Win2K and FreeBSD
>interoperate, the IKE's phase 2 only suceeds if
>Win2K initiates the process. If racoon is to start it, Win2k will not
>accept any proposal for phase 2, complaining that the dh group number
>(which should correctly be either 1 or 2) received is 1 or 2 (depending
>on the pfs_group setting in racoon.conf) and not null(0). If I try
>setting pfs_group to null, I get a parse error.
try removing "pfs_group 2" line. the problem here is that PFS group
is not negotiated (from the protocol spec), so
- if Win2K uses no pfs group, racoon obeys
- if racoon proposes either pfs group 1/2, Win2K rejects
hope this helps.
itojun
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
