9dd6d96d4b22a8f9cd04542b0de26bc1e40a0481
ipsec-on-freebsd.md
| ... | ... | @@ -3,7 +3,7 @@ |
| 3 | 3 | These instructions are for IPsec in transport mode not IPsec in tunnel mode. IPsec in tunnel mode requires a too tight coupling with the routing table for dynamic routing because the policies can only be specified based on source/destination address and protocol not based on interfaces. |
| 4 | 4 | |
| 5 | 5 | ## Requirements |
| 6 | -* Root access to both endpoints |
|
| 6 | +* Root access to both endpoints. |
|
| 7 | 7 | * Static IPv4 addresses for both endpoints unless you want to write a small shell script as hook for raccon. |
| 8 | 8 | * At least one static IPv4 on at least one endpoint unless you hate yourself. |
| 9 | 9 | |
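Review bot: The unchanged item at new line 7 of this list still spells the daemon "raccon", while the Userland configuration section added in the same commit calls it "racoon". Since this hunk is already tidying the punctuation of the Requirements list, fix that spelling here as well so both sections use one name.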
| ... | ... | @@ -16,4 +16,8 @@ If you're new to FreeBSD check Chapters [15.9.1](http://www.freebsd.org/doc/hand |
| 16 | 16 | ``` |
| 17 | 17 | Reboot into your new kernel. |
| 18 | 18 | |
| 19 | -## Userland configuration |
|
| ... | ... | \ No newline at end of file |
| 0 | +## Userland configuration |
|
| 1 | + |
|
| 2 | +Install the racoon daemon. It's included in the [security/ipsec-tools](http://www.freshports.org/security/ipsec-tools/) port. |
|
| 3 | +Racoon is pain in the ass to configure the first time because it's error messages aren't helping and the complexity of IPsec. Don't let this stop you. |
|
| 4 | + x |
|
| ... | ... | \ No newline at end of file |
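Review bot: Added line 4 is a stray " x" that looks like a leftover placeholder and should be dropped before this is merged. In added line 3, "it's error messages" should be "its error messages", "is pain" is missing an article, and the "because ... and the complexity of IPsec" clause does not parse; something like "because its error messages are unhelpful and IPsec itself is complex" would read cleanly. The install step on added line 2 names the port but gives no command, which is worth adding for readers the page itself describes as new to FreeBSD. The file also still ends without a trailing newline.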