Hi John,
On Thu, Nov 15, 2007 at 03:14:04AM -0800, john decot wrote:

quoted text
>         I am new to ipsec and trying to connect my bsd server with win 2000. I have succeeded to tunnel using pre-shared key. But regarding certificate , I failed to get success.

>

>       The following are configuration :

>

> racoon.conf

[...]

quoted text
> --------------------------END------------------------------------------------------------------

> certificate are created in bsd with following commands:

Log file contents would be helpful. Anyway - I had these statements in

my config file a while ago, when I used racoon with certificates:
remote anonymous {

[...]

        ca_type          x509 "cacert.pem";

        certificate_type x509 "foo.net.pem" "foo.key-nopass";

        peers_certfile   x509 "bar.pem";

        send_cert on;

        my_identifier    asn1dn;

        peers_identifier asn1dn "C=foo, ST=foo, L=foo, O=foo, CN=bar/emailAddress=foo";

        verify_identifier on;

[...]

}
You'll have to fill in the correct values for peers_identifier asn1dn,

of course.
HTH

--

Viele Gruesse // Best regards

Bjoern Engels

                                                                    :wq!

_______________________________________________

freebsd-security@freebsd.org mailing list

http://lists.freebsd.org/mailman/listinfo/freebsd-security

To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"