[VPN] Problems between FreeBSD and Netscreen
Mike Insch
vofka at hotpop.com
Tue Oct 29 07:50:46 EST 2002
I am trying to set up an IPSec VPN between a FreeBSD Box (FreeBSD
4.6.2-RELEASE with Racoon-20020507a), and a Netscreen 25. I only have
control of the FreeBSD box, the Netscreen belongs to a client.
I Think I have the SPD Entries configured correctly, and I am reasonably
sure that the racoon.conf file is right, but I am still getting Timeouts at
IKE Phase 1.
I am using 3DES, SHA1 and DH Group 5 (mdop1536). I can get a good
traceroute from the BSD Box to the final hop before the NS25 (the NS is
blackholeing all ICMP), so I am confident that general communications to
the NS Box is good.
Does anyone have any suggestions as to where I can look to see what may be
causing the timeout problem? Has anyone successfully got FreeBSD speaking
to an NS25? If you have, would you mind posting example configs for Racoon
and for the NS (that way I can ask my client to verify his end of the
link)?
Any assistance would be greatly appreciated,
Kind Regards,
Mike Insch,
IT Engineer.
More information about the VPN
mailing list