Thanks for the input on this everyone! Eugene, I'll take you up on your offer of examples! I have a good idea of how to do this, I just want to make sure I get it right and if I have some examples to compare to that would be great! Thanks much!
On Tue, Jul 14, 2009 at 9:41 AM, Eugene Perevyazko <j...@dnepro.net> wrote: > On Mon, Jul 13, 2009 at 11:09:11AM -0400, rascal wrote: > > So I have a couple of questions regarding a scenario that has recently > been > > brought to me. I have two sites, one with a cisco device and one with a > > server running freebsd 7.2. The client wants to connect the two sites > using > > these devices and I am told that the best way would be to establish an > IPSEC > > tunnel between the cisco device and the freebsd server. The cisco is a > > concentrator 3000 and the server is just a dell poweredge 860 with 4 nics > in > > the back running 7.2 freebsd. I guess my two questions are: > > > > 1. Has anyone done this before and what are their results? > > I'm using several IPSec tunnels between cisco 851's and freebsd routers. > It "just works". > > > 2. Is setting up an IPSEC tunnel the best route for this or is there > > something else I should be looking at? > IPSec is the standard for tunnels over internet. Cisco VPN requires their > proprietary client, OpenVPN is not for ciscos. > > > 3. Any tips/tricks/good sites to check on for setting up IPSEC on > freebsd > > (I am currently reading > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.htmlwhich > > is pretty darn good)? > I use IPSec tunnels without gif interface on freebsd, don't know if it will > work with it. I declare policy in /etc/ipsec.conf, and use racoon > (ports/security/ipsec-tools) to do all the rest. It's pretty simple on cisco > side too. Just say if you need an example. > > -- > Eugene Perevyazko > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
