Re: cisco vpn experience?

[Michael Vince]

Yeah I hooked up 5.3 BSD box with to a big mobile phone companies 
$60,000 Cisco VPN piece of equipment, I got Cisco cert my self but I 
prefer FreeBSD :)
Used Racoon/ipsec tools and FastIPSec compiled into the kernel.

IPs are spoofed ,but just to give you the idea.
Mar 31 16:02:54 mord racoon: INFO: IPsec-SA request for 192.168.64.132 
queued due to no phase1 found.
Mar 31 16:02:54 mord racoon: INFO: initiate new phase 1 negotiation: 
192.168.207.68[500]<=>192.168.64.132[500]
Mar 31 16:02:54 mord racoon: INFO: begin Identity Protection mode.
Mar 31 16:02:54 mord racoon: INFO: received Vendor ID: CISCO-UNITY
Mar 31 16:02:54 mord racoon: INFO: received Vendor ID: DPD
Mar 31 16:02:54 mord racoon: INFO: received Vendor ID: 
draft-ietf-ipsra-isakmp-xauth-06.txt
Mar 31 16:02:54 mord racoon: INFO: ISAKMP-SA established 
192.168.207.68[500]-192.168.64.132[500] 
spi:031111091ac91619:5bf5227037f4fa80
Mar 31 16:02:55 mord racoon: INFO: initiate new phase 2 negotiation: 
192.168.207.68[0]<=>192.168.64.132[0]
Mar 31 16:02:55 mord racoon: INFO: IPsec-SA established: ESP/Tunnel 
192.168.64.132->192.168.207.68 spi=30520619(0x1cb25c2)
Mar 31 16:02:55 mord racoon: INFO: IPsec-SA established: ESP/Tunnel 
192.168.207.68->192.168.64.132 spi=626279197(0x28e7c1b1

Julian Elischer wrote:
Has anyone connected a FreeBSD machine to a "cisco ipsec VPN" as 
exported by
various Cisco routers.

they have special solaris, linux and windows clients..
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"