Subject: Re: Patches to use racoon as a server for Cisco VPN client
To: Hubert Feyrer <hubert@feyrer.de>
From: Ignatios Souvatzis <is@netbsd.org>
List: tech-net
Date: 09/07/2004 19:40:07
--xJK8B5Wah2CMJs8h
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Sep 07, 2004 at 05:00:58PM +0200, Hubert Feyrer wrote:
> On Tue, 7 Sep 2004, Christoph Kaegi wrote:
> > > > Is there any way to do the opposite of this (use NetBSD as a VPN cl=
ient to
> > > > a Cisco server/"concentrator"), as vpnc does?
> > >
> > > Yes, now I understand the way the protocol works, I can do that easil=
y.
> >
> > I'd be *very* interested in this functionality also :-)
>=20
> If the vpnc solution is enough, there's a package in pkgsrc-wip (iirc),
> and a (german language, sorry -- i should really get to translate it!)
> documentation available here:
> http://www.feyrer.de/NetBSD/netbsd-vpn-howto.html

Which reminds me...

I don't remember whether I mentioned this to Hubert already, but
with vpnc-0.2 (and up) you have to use a kernel *without* IPSEC_ESP (at
least), else those packets aren't available to the raw IP sockets that
vpnc apparently uses. (It does *everything* in userland.)

Regards,
	-is

--xJK8B5Wah2CMJs8h
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)

iD8DBQFBPfJ3N4tiz3B8hB0RAomoAKCFulKl5ArOUxslXEZa4k3aQxu8WwCfev6U
w/+giP8ngCghnVfTjMN/Hvg=
=R4p8
-----END PGP SIGNATURE-----

--xJK8B5Wah2CMJs8h--