Hi Diana
I did a different search in google and received a lot of irrelevant
hits :-( I looked up the mailing list archives but didn't find anything
concrete on the subject. I agree that more information is needed but I
kept it to the 2nd round of the emails on this subject because 1: I
didn't have it at the time. 2: I didn't know exactly what kind of
information other's would be interested (and overloading emails with
numbers makes others less likely to respond to the email).
Now to the subject at hand: The OpenBSD side is simple: OpenBSD
3.8-stable (and 3.9 when it comes out). Since I didn't have time to
develop a policy I'm following the other location's policy. The Cisco
they have is a 3745 concentrator. The encryption algorithm is 3DES. Hash
algorithm is SHA1. DH group 2 (for phase 1) and phase 2 is esp-3des
esp-sha-hmac.
TIA
Paolo
Diana Eichert wrote:
On Fri, 10 Mar 2006, Paolo Supino wrote:
Hi
I need to setup an IPSEC VPN between 2 locations. 1 location runs
Cisco gear (out of my control) and the other runs OpenBSD (my decision).
I've never setup a VPN between Cisco and OpenBSD before (I did between
Cisco to Cisco and OpenBSD to OpenBSD) and I was wondering if there are
any pitfalls or incompatibilities between Cisco and OpenBSD
implementations of IPSEC that will cause problems?
TIA
Paolo
Ehlo
More info is required. Cisco is a company that grows via acquisition,
therefore they have several different VPN solutions. Also, I did a quick
search on Google for "Cisco and OpenBSD ipsec" and there are over 95k
English hits. The very first response is "OpenBSD IPSEC with cisco -
HOWTO".
diana