<p>Sziasztok</p>
<p>Sajnos nem tudom életre bírni a VPN hálózatom, légyszíves segítsetek. A handbook alapján készítettem el mindent. (<span class="moz-txt-link-freetext"><span class="moz-txt-link-freetext"><span class="moz-txt-link-freetext"><span class="moz-txt-link-freetext"><span class="moz-txt-link-freetext"><span class="moz-txt-link-freetext">http://www.freebsd.org/doc/</span></span></span></span></span></span>hu/books/handbook/ipsec.html) beemelek minden configot ide, úgy átláthatóbb a gondom talán.<br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"><br /> kernel:</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">options IPSEC</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">device crypto</span></p>
<p><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: underline; vertical-align: baseline;">ee /etc/rc.conf</span><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> </span><br /> <br /></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">ipsec_enable="YES"</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">ipsec_program="/usr/local/sbin/setkey"</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">ipsec_file="/usr/local/etc/racoon/setkey.conf"</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">racoon_enable="YES"</span></p>
<p><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: underline; vertical-align: baseline;">ee /etc/pf.conf</span><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> </span><br /> <br /></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">#vpn</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">pass in quick proto esp from any to any</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">pass in quick proto ah from any to any</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">pass in quick proto ipencap from any to any</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">pass in quick proto udp from any port = 500 to any port = 500</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">pass in quick on gif0 from any to any</span></p>
<p><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: underline; vertical-align: baseline;">ee /usr/local/etc/racoon/setkey.conf<br /> <br /> </span></p>
<div style="margin-left: 40px;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; vertical-align: baseline;">flush;</span><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; vertical-align: baseline;">spdflush;</span><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; vertical-align: baseline;">spdadd 10.246.38.0/24 10.0.0.0/24 any -P out ipsec esp/tunnel/195.228.156.104-192.168.1.12/use;</span><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; vertical-align: baseline;">spdadd 10.0.0.0/24 10.246.38.0/24 any -P in ipsec esp/tunnel/192.168.1.12-195.228.156.104/use;</span><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: underline; vertical-align: baseline;"> </span></div>
<p><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">setkey -c</span><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">flush;</span><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">spdflush;</span><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">spdadd 10.246.38.0/24 10.0.0.0/24 any -P out ipsec esp/tunnel/195.228.156.104-192.168.1.12/use;</span><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">spdadd 10.0.0.0/24 10.246.38.0/24 any -P in ipsec esp/tunnel/192.168.1.12-195.228.156.104/use;<br /> ctrl+d<br /> <br /> </span><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: underline; vertical-align: baseline;">ee /usr/local/etc/racoon/racoon.conf<br /> <br /> </span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># $KAME: racoon.conf.in,v 1.18 2001/08/16 06:33:40 itojun Exp $</span></p>
<p><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> </span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># "path" affects "include" directives. "path" must be specified before any</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># "include" directive with relative file path.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># you can overwrite "path" directive afterwards, however, doing so may add</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># more confusion.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">path include "@sysconfdir_x@/racoon";</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">#include "remote.conf";</span></p>
<p><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> </span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># the file should contain key ID/key pairs, for pre-shared key authentication.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">path pre_shared_key "@sysconfdir_x@/racoon/psk.txt";</span></p>
<p><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> </span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># racoon will look for certificate file in the directory,</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># if the certificate/certificate request payload is received.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">path certificate "@sysconfdir_x@/cert";</span></p>
<p><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> </span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># "log" specifies logging level. It is followed by either "notify", "debug"</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># or "debug2".</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">log debug;</span></p>
<p><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> </span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># "padding" defines some padding parameters. You should not touch these.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">padding</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">{</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> maximum_length 20; # maximum padding length.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> randomize off; # enable randomize length.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> strict_check off; # enable strict check.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> exclusive_tail off; # extract last one octet.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">}</span></p>
<p><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> </span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># if no listen directive is specified, racoon will listen on all</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># available interface addresses.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">listen</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">{</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> isakmp 195.228.156.104 [500];</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> #isakmp ::1 [7000];</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> #isakmp 202.249.11.124 [500];</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> #admin [7002]; # administrative port for racoonctl.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> #strict_address; # requires that all addresses must be bound.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">}</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"># Specify various default timers.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">timer</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">{</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> # These value can be changed per remote node.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> counter 5; # maximum trying count to send.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> interval 20 sec; # maximum interval to resend.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> persend 1; # the number of packets per send.</span></p>
<p><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> </span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> # maximum time to wait for completing each phase.</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> phase1 30 sec;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> phase2 15 sec;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">}</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">remote 192.168.1.12 [500]</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">{</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> exchange_mode main,aggressive;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> doi ipsec_doi;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> situation identity_only;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> my_identifier address 195.228.156.104;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> peers_identifier address 192.168.1.12;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> lifetime time 8 hour;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> passive off;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> proposal_check obey; # obey, strict, or claim</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> generate_policy off;</span></p>
<p><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> </span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> proposal {</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> encryption_algorithm blowfish;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> hash_algorithm md5;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> authentication_method pre_shared_key;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> lifetime time 30 sec;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> dh_group 1;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> }</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">}</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">sainfo address 10.246.38.0/24 any address 10.0.0.0/24 any</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">{</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> pfs_group 1;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> lifetime time 36000 sec;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> encryption_algorithm blowfish,3des,des;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> authentication_algorithm hmac_md5,hmac_sha1;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"> compression_algorithm deflate;</span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">}</span></p>
<p><br /> <span style="text-decoration: underline;">ee /usr/local/etc/racoon/psk.txt</span><br /> <br /></p>
<div style="margin-left: 40px;"><span class="moz-txt-link-abbreviated"><span class="moz-txt-link-abbreviated"><span class="moz-txt-link-abbreviated"><span class="moz-txt-link-abbreviated"><span class="moz-txt-link-abbreviated"><span class="moz-txt-link-abbreviated">igabor...stageline.hu</span></span></span></span></span></span> *******jelszó<br /> 192.168.0.12 ********jelszó</div>
<p> </p>
<div style="margin-left: 40px;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: underline; vertical-align: baseline;"> </span></div>
<p><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">tcpdump -i em0 host 195.228.156.104 and dst 192.168.0.12<br /> <br /> </span></p>
<div style="margin-left: 40px;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">Nem csinál semmit.</span><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"></span></div>
<p><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"><br /> </span><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">sockstat -4 | grep racoon</span><br /> <span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;"></span></p>
<p style="margin-left: 36pt; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial; color: #000000; background-color: transparent; font-weight: normal; font-style: normal; text-decoration: none; vertical-align: baseline;">root racoon 87792 6 udp4 195.228.156.104:500 *:*</span></p>
<p><br /> cat /var/log/debug.log<br /> <br /></p>
<div style="margin-left: 40px;">May 29 16:09:45 ns1 racoon: DEBUG: pk_recv: retry[0] recv()<br /> May 29 16:09:45 ns1 racoon: DEBUG: get pfkey FLUSH message<br /> May 29 16:09:46 ns1 racoon: DEBUG: call pfkey_send_dump<br /> May 29 16:09:46 ns1 racoon: DEBUG: pk_recv: retry[0] recv()<br /> May 29 16:09:47 ns1 racoon: DEBUG: hmac(modp768)<br /> May 29 16:09:47 ns1 racoon: DEBUG: compression algorithm can not be checked because sadb message doesn't support it.<br /> May 29 16:09:47 ns1 racoon: DEBUG: getsainfo params: loc='10.246.38.0/24', rmt='10.0.0.0/24', peer='NULL', id=0<br /> May 29 16:09:47 ns1 racoon: DEBUG: getsainfo pass #2<br /> May 29 16:09:47 ns1 racoon: DEBUG: pk_recv: retry[0] recv()<br /> May 29 16:09:47 ns1 racoon: DEBUG: get pfkey X_SPDDUMP message<br /> May 29 16:09:47 ns1 racoon: DEBUG: pk_recv: retry[0] recv()<br /> May 29 16:09:47 ns1 racoon: DEBUG: get pfkey X_SPDDUMP message<br /> May 29 16:09:47 ns1 racoon: DEBUG: sub:0x7fffffffe440: 10.246.38.0/24[0] 10.0.0.0/24[0] proto=any dir=out<br /> May 29 16:09:47 ns1 racoon: DEBUG: db :0x80103d150: 10.0.0.0/24[0] 10.246.38.0/24[0] proto=any dir=in<br /> May 29 16:23:20 ns1 racoon: DEBUG: caught rtm:14, need update interface address list<br /> May 29 16:30:11 ns1 racoon: DEBUG: caught rtm:14, need update interface address list<br /> May 29 16:32:53 ns1 racoon: DEBUG: pk_recv: retry[0] recv()<br /> May 29 16:32:53 ns1 racoon: DEBUG: get pfkey FLUSH message<br /> May 29 16:32:54 ns1 racoon: DEBUG: call pfkey_send_dump<br /> May 29 16:32:54 ns1 racoon: DEBUG: pk_recv: retry[0] recv()<br /> May 29 16:32:55 ns1 racoon: DEBUG: hmac(modp768)<br /> May 29 16:32:55 ns1 racoon: DEBUG: compression algorithm can not be checked because sadb message doesn't support it.<br /> May 29 16:32:55 ns1 racoon: DEBUG: getsainfo params: loc='10.246.38.0/24', rmt='10.0.0.0/24', peer='NULL', id=0<br /> May 29 16:32:55 ns1 racoon: DEBUG: getsainfo pass #2<br /> May 29 16:32:55 ns1 racoon: DEBUG: pk_recv: retry[0] recv()<br /> May 29 16:32:55 ns1 racoon: DEBUG: get pfkey X_SPDDUMP message<br /> May 29 16:32:55 ns1 racoon: DEBUG: pk_recv: retry[0] recv()<br /> May 29 16:32:55 ns1 racoon: DEBUG: get pfkey X_SPDDUMP message<br /> May 29 16:32:55 ns1 racoon: DEBUG: sub:0x7fffffffe440: 10.246.38.0/24[0] 10.0.0.0/24[0] proto=any dir=out<br /> May 29 16:32:55 ns1 racoon: DEBUG: db :0x80103d150: 10.0.0.0/24[0] 10.246.38.0/24[0] proto=any dir=in</div>
<p><br /> Más érdekes log nincs sajnos.<br /> <br /> Látszólag túljut a VPN kapcsolódás a hitelesítésen, de kapcsolódni már nem akar, pedig én nagyon szeretném ha ez működne.<br /> <br /> Köszi srácok.</p>
<div>
<pre>-- <br />Best Regards<br />Gábor Illó</pre>
</div>