This is a discussion on OpenBSD VPN with Cisco Pix Firewall within the comp.unix.bsd.openbsd.misc forums, part of the OpenBSD category.
I have set up an IPsec ESP tunnel between OpenBSD 3.6 and a Cisco Pix Firewall. I configured Passive-connection in OpenBSD 3.6 and noticed that isakmpd in OpenBSD keeps on dropping the proposal from the Cisco Firewall, with a NO_PROPOSAL_CHOSEN message. All the encryption and hashing algorithms are the same. I use a pre-shared key.

I then used Ethereal to capture the packets from the Cisco Firewall and discovered that the Cisco Firewall includes Life_type (11) and Life_duration (12) in the proposal. I checked the isakmpd source code and discovered that it returns an error when processing Life_type (11) and Life_duration (12) in the attribute.c file.

Should isakmpd return an error for type 11 and type 12?

Rgds
Goh Choon Lye
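
As an added example (not part of the original post and not isakmpd's code), this sketch decodes the attribute list of an IKE phase 1 transform using the data-attribute layout from RFC 2408 section 3.3 and the attribute classes from RFC 2409 Appendix A, showing where Life Type (11) and Life Duration (12) sit in a proposal. The sample bytes are constructed, not taken from the poster's capture, and the function names are hypothetical.

```python
import struct

# IKE phase 1 attribute classes (RFC 2409, Appendix A); subset for readability.
PHASE1_ATTRS = {1: "Encryption Algorithm", 2: "Hash Algorithm",
                3: "Authentication Method", 4: "Group Description",
                11: "Life Type", 12: "Life Duration", 14: "Key Length"}
LIFE_TYPES = {1: "seconds", 2: "kilobytes"}

# Constructed sample: 3DES-CBC, SHA, pre-shared key, group 2,
# Life Type = seconds (TV form), Life Duration = 86400 (TLV form, 4 bytes).
SAMPLE = bytes.fromhex("80010005" "80020002" "80030001" "80040002"
                       "800b0001" "000c0004" "00015180")


def parse_attributes(data):
    """Decode ISAKMP data attributes into (type, name, value) tuples."""
    attrs, off = [], 0
    while off < len(data):
        if len(data) - off < 4:
            raise ValueError("truncated attribute header at offset %d" % off)
        raw_type, field = struct.unpack_from("!HH", data, off)
        off += 4
        attr_type = raw_type & 0x7FFF          # low 15 bits carry the type
        if raw_type & 0x8000:
            value = field                      # AF=1: short form, value inline
        else:
            if off + field > len(data):        # AF=0: field is the value length
                raise ValueError("attribute %d overruns the payload" % attr_type)
            value = int.from_bytes(data[off:off + field], "big")
            off += field
        attrs.append((attr_type, PHASE1_ATTRS.get(attr_type, "unknown"), value))
    return attrs


def lifetimes(attrs):
    """Pair each Life Duration (12) with the most recent Life Type (11)."""
    unit, out = "unspecified unit", []
    for attr_type, _, value in attrs:
        if attr_type == 11:
            unit = LIFE_TYPES.get(value, "reserved type %d" % value)
        elif attr_type == 12:
            out.append("%d %s" % (value, unit))
    return out


if __name__ == "__main__":
    for attr_type, name, value in parse_attributes(SAMPLE):
        print("%2d %-22s %d" % (attr_type, name, value))
    print(lifetimes(parse_attributes(SAMPLE)))
```

Running the same decoder over the attribute bytes of each side's proposal makes it easy to compare the lifetime values the two peers actually send.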