freebsd security - May 2005 - How to setup IPSec tunnel between FreeBSD and Linux systems...?

Hi,

I am trying to setup ipsec tunnel between Freebsd
(host1) and Linux (host2) systems.And I also
interested in executing some ipsec test cases( Like
TAHI conformance test suite) on the same connection.
Please, suggest me some details regarding this setup
and Specify any materials which can be obtained from
from any locations(site)..

I have enabled IPSec support for FreeBSD (4.11
Release) and Linux (kernel-2.4.20-8), now I am trying
to estblish ipsec tunnel between these two systems.so
specify the what further procedure can be done to
establish the secure tunnel.

Please help me to enable the connection...Any sort of
suggestion will be appreciated .

Thanx,

with regards,
Mohan.

________________________________________________________________________
Yahoo! India Matrimony: Find your life partner online
Go to: http://yahoo.shaadi.com/india-matrimony

On Mon, 23 May 2005, mohan chandra wrote:
> Hi,
>
> I am trying to setup ipsec tunnel between Freebsd
> (host1) and Linux (host2) systems.And I also
> interested in executing some ipsec test cases( Like
> TAHI conformance test suite) on the same connection.
> Please, suggest me some details regarding this setup
> and Specify any materials which can be obtained from
> from any locations(site)..
I did it a couple of years ago to build a VPN between a company running 
FreeBSD in the firewall and the remote location runing Linux. It works well,
although it has some minor issues. I used some pdf I've found in 
www.ipv6.iabg.de, but that site seems to be dead. I think I still have
that pdf somewhere, email me if you're interested.
>
> I have enabled IPSec support for FreeBSD (4.11
> Release) and Linux (kernel-2.4.20-8), now I am trying
> to estblish ipsec tunnel between these two systems.so
> specify the what further procedure can be done to
> establish the secure tunnel.
>
> Please help me to enable the connection...Any sort of
> suggestion will be appreciated .
>
> Thanx,
>
> with regards,
> Mohan.
>
> ________________________________________________________________________
> Yahoo! India Matrimony: Find your life partner online
> Go to: http://yahoo.shaadi.com/india-matrimony
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
"freebsd-security-unsubscribe@freebsd.org"
>

Hi Mohan,
> I am trying to setup ipsec tunnel between Freebsd
> (host1) and Linux (host2) systems.And I also
> interested in executing some ipsec test cases( Like
> TAHI conformance test suite) on the same connection.
> Please, suggest me some details regarding this setup
> and Specify any materials which can be obtained from
> from any locations(site)..
> 
> I have enabled IPSec support for FreeBSD (4.11
> Release) and Linux (kernel-2.4.20-8), now I am trying
> to estblish ipsec tunnel between these two systems.so
> specify the what further procedure can be done to
> establish the secure tunnel.
> 
> Please help me to enable the connection...Any sort of
> suggestion will be appreciated .
FreeBSD uses either KAME IPSec or OpenBSD IPSec (known as Fast-IPSec).
As far as I can tell, they are mostly compatible.

Linux have two implementation of IPSec : FreeS/WAN and USAGI.  FreeS/WAN
is, IMHO, a big crap, has ugly code and configuration file.  On the
other hand, USAGI uses the same userland tools as BSD because they used
to work in tight collaboration with KAME (I can't remember the detail
though).  Furthermore, IIRC, USAGI has been chosen to be merged to Linux
mainstream kernel, FreeS/WAN seems to have died since, their last
release is dated for more than one year ago.

Since the daemons and configuration tools are the same now in BSD and
Linux, I think this should not bring to much pain to you to make them
work together.

Regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >