From vvd at unislabs.com  Thu Aug  1 00:39:47 2019
From: vvd at unislabs.com (=?UTF-8?B?0JLQu9Cw0LTQuNC80LjRgCDQlNGA0YPQt9C10L3QutC+?=)
Date: Thu, 1 Aug 2019 00:39:47 +0300
Subject: [freebsd]
 =?utf-8?b?bXBkNS3RgdC10YDQstC10YAg0L3QtSDRg9GB0YLQsNC9?=
 =?utf-8?b?0LDQstC70LjQstCw0LXRgtGB0Y8gcHB0cCDRgdC+0LXQtNC40L0/P9C90Lg=?=
 =?utf-8?b?0LU=?=
In-Reply-To: <854d4f96-48f7-f580-6454-048675193368@grosbein.net>
References: <nycvar.OFS.7.76.4444.1907311200230.9667@tj1.negpncvgny.hn>
 <c4baabdb68557dd4e4fc6f65a2c628ae.squirrel@mail.univ.kiev.ua>
 <nycvar.OFS.7.76.4444.1907311911250.9667@tj1.negpncvgny.hn>
 <466040df757d6ef07a90183aa0ffeef0.squirrel@mail.univ.kiev.ua>
 <nycvar.OFS.7.76.4444.1907311931410.9667@tj1.negpncvgny.hn>
 <007964c08b5ef876fb044e3e6863b249.squirrel@mail.univ.kiev.ua>
 <nycvar.OFS.7.76.4444.1907312012030.9667@tj1.negpncvgny.hn>
 <d2c060a43679f8d8ebe17b6d73455bed.squirrel@mail.univ.kiev.ua>
 <854d4f96-48f7-f580-6454-048675193368@grosbein.net>
Message-ID: <dcef7a7b-eb0b-d0d3-d06e-e246a8755e56@unislabs.com>

31.07.2019 21:55, Eugene Grosbein ?????:
> 01.08.2019 0:35, Alexander Sheiko ?????:
>> ? ?????? ?? ???, 31 ??? 2019, 20:12 Yaroslav Shvets ?????:
>>
>>> ?? ??????. ?????? - ?????????.
>> ??? ??????? - ????????? L2TP ??? IPSEC (??????????? ? ??????? ? ?????,
>> ????? ?????????? RC4, ??? ? PPTP).
> ????? ????? ? ? IPSEC, ??????? ? 11.1-RELEASE ??? ????? ?? ???????, ??????? NAT-T.
?? ?????????? ????????? ??????? ??? ??????????? ?? ??? ??????? ??????? 
(????? ? ??????)?
security/strongswan, security/ipsec-tools ??? ?????????? ????, ??? ???? 
? ??????? ????????

???????!

From yaroslav at shvets.name  Thu Aug  1 12:11:10 2019
From: yaroslav at shvets.name (Yaroslav Shvets)
Date: Thu, 1 Aug 2019 12:11:10 +0300 (EEST)
Subject: [freebsd]
 =?utf-8?b?bXBkNS3RgdC10YDQstC10YAg0L3QtSDRg9GB0YLQsNC9?=
 =?utf-8?b?0LDQstC70LjQstCw0LXRgtGB0Y8gcHB0cCDRgdC+0LXQtNC40L0/P9C90Lg=?=
 =?utf-8?b?0LU=?=
In-Reply-To: <CAA2O=b8oUaSoNsJAPnpwP6ew86=yTGpKdYbCn6Umcv+B93XHYw@mail.gmail.com>
References: <nycvar.OFS.7.76.4444.1907311200230.9667@tj1.negpncvgny.hn>
 <c4baabdb68557dd4e4fc6f65a2c628ae.squirrel@mail.univ.kiev.ua>
 <8307e152-c595-3f07-fa6d-2003cb75b741@grosbein.net>
 <nycvar.OFS.7.76.4444.1907312000540.9667@tj1.negpncvgny.hn>
 <cf8e6a1029a159198cdbdcc9824c90a5.squirrel@mail.univ.kiev.ua>
 <76067804-d325-6726-209a-969d1a07a931@grosbein.net>
 <nycvar.OFS.7.76.4444.1907312338580.9667@tj1.negpncvgny.hn>
 <CAA2O=b8oUaSoNsJAPnpwP6ew86=yTGpKdYbCn6Umcv+B93XHYw@mail.gmail.com>
Message-ID: <nycvar.OFS.7.76.4444.1908011157370.9667@tj1.negpncvgny.hn>

Hello.

On Wed, 31 Jul 2019, 23:46, you wrote:

> https://kb.vmware.com/s/article/2061834
> ????
>
> On Wed, Jul 31, 2019, 23:43 Yaroslav Shvets <yaroslav at shvets.name> wrote:
>
>> Hello Eugene Grosbein.
>>
>> On Wed, 31 Jul 2019, 20:19, you wrote:
>>
>>> 01.08.2019 0:16, Alexander Sheiko ?????:
>>>
>>>>> ?? ??????. ?????? - ?????????.
>>>>
>>>> ?????????? ????????????, ????? ??? ???? ???-?? ????? ??? ?????????
>>>> ??????????? GRE.
>>>
>>> ?????????? ? ?????? ?????? ?????????? GRE, ?? ????? ??????? ???????,
>> ????????? ?????????.
>>> ???????? ????? ? ????? ???????? ?? ?????.
>>
>> ??????? ??????, ?????? ????????? (c)
>>
>> ????? ?????? ?? ??????. ??? ????? ? ????????
>> ??? ??????? ?????????? ? mpd5, ??????? ????? ?? ?????? ??????
>> ? ?????? ????????????.

??????? ????????????: ???????????? ?????? ??????????? VMware ESXi-5.5.
???????? ?? ?????? ?????????? ??? ?????? ?????????? ??????? ???? ?????? ??????.
??? ???????????, ???? ?????????: https://kb.vmware.com/s/article/2061834
???? ??????? ?? ???????.

????????? ??????? Eugene Grosbein ?? ???????????
? Anton Saietskii ?? ??????.

-- 
Yaroslav Shvets

From eugen at grosbein.net  Thu Aug  1 13:08:42 2019
From: eugen at grosbein.net (Eugene Grosbein)
Date: Thu, 1 Aug 2019 17:08:42 +0700
Subject: [freebsd]
 =?utf-8?b?bXBkNS3RgdC10YDQstC10YAg0L3QtSDRg9GB0YLQsNC9?=
 =?utf-8?b?0LDQstC70LjQstCw0LXRgtGB0Y8gcHB0cCDRgdC+0LXQtNC40L0/P9C90Lg=?=
 =?utf-8?b?0LU=?=
In-Reply-To: <dcef7a7b-eb0b-d0d3-d06e-e246a8755e56@unislabs.com>
References: <nycvar.OFS.7.76.4444.1907311200230.9667@tj1.negpncvgny.hn>
 <c4baabdb68557dd4e4fc6f65a2c628ae.squirrel@mail.univ.kiev.ua>
 <nycvar.OFS.7.76.4444.1907311911250.9667@tj1.negpncvgny.hn>
 <466040df757d6ef07a90183aa0ffeef0.squirrel@mail.univ.kiev.ua>
 <nycvar.OFS.7.76.4444.1907311931410.9667@tj1.negpncvgny.hn>
 <007964c08b5ef876fb044e3e6863b249.squirrel@mail.univ.kiev.ua>
 <nycvar.OFS.7.76.4444.1907312012030.9667@tj1.negpncvgny.hn>
 <d2c060a43679f8d8ebe17b6d73455bed.squirrel@mail.univ.kiev.ua>
 <854d4f96-48f7-f580-6454-048675193368@grosbein.net>
 <dcef7a7b-eb0b-d0d3-d06e-e246a8755e56@unislabs.com>
Message-ID: <9aeb6974-4c40-1440-694d-031d44b5ff19@grosbein.net>

01.08.2019 4:39, ???????? ???????? ?????:
> 31.07.2019 21:55, Eugene Grosbein ?????:
>> 01.08.2019 0:35, Alexander Sheiko ?????:
>>> ? ?????? ?? ???, 31 ??? 2019, 20:12 Yaroslav Shvets ?????:
>>>
>>>> ?? ??????. ?????? - ?????????.
>>> ??? ??????? - ????????? L2TP ??? IPSEC (??????????? ? ??????? ? ?????,
>>> ????? ?????????? RC4, ??? ? PPTP).
>> ????? ????? ? ? IPSEC, ??????? ? 11.1-RELEASE ??? ????? ?? ???????, ??????? NAT-T.
> ?? ?????????? ????????? ??????? ??? ??????????? ?? ??? ??????? ??????? (????? ? ??????)?
> security/strongswan, security/ipsec-tools ??? ?????????? ????, ??? ???? ? ??????? ????????

?????? ???????, ?????????????? ? ???? L2TP/IPSEC-?????????????? ??? FreeBSD
??? ????????? Windows, MacOS/X, ???????? ? iOS. IKE-???????? ??? FreeBSD ? ???? ???,
?? ? ??????? ??????? ?????????? ????? ??? IKE-?????? (??????), ??? ??? ?????
???? racoon ?? ipsec-tools, ???? stronswan.

? ???? ???? ?????? ? racoon ? ?????? ??? ????????????? ????? ??? ??,
??? ??????, ?????? ?????? sainfo anonymous ??? ???? ????????? sainfo
? ??????? local_id ? remote_id, ??? ??????? ? man racoon.conf

???? ???? ???????, ??? ? ????? ???? ???????????? ?????? ??????? IKE ????? ???????????
????? ?????????: ???? ?? ????? ??????????? ?????? ??????, ??? ???????? ??????? SPD -
???? ?? ?????????? ? /etc/ipsec.conf ????? spdadd, ?? ??? ???? ?? ??????? ????? SA;
???? ???????? racoonctl vpn-connect.


From eugen at grosbein.net  Thu Aug  1 13:42:52 2019
From: eugen at grosbein.net (Eugene Grosbein)
Date: Thu, 1 Aug 2019 17:42:52 +0700
Subject: [freebsd]
 =?utf-8?b?bXBkNS3RgdC10YDQstC10YAg0L3QtSDRg9GB0YLQsNC9?=
 =?utf-8?b?0LDQstC70LjQstCw0LXRgtGB0Y8gcHB0cCDRgdC+0LXQtNC40L0/P9C90Lg=?=
 =?utf-8?b?0LU=?=
In-Reply-To: <9aeb6974-4c40-1440-694d-031d44b5ff19@grosbein.net>
References: <nycvar.OFS.7.76.4444.1907311200230.9667@tj1.negpncvgny.hn>
 <c4baabdb68557dd4e4fc6f65a2c628ae.squirrel@mail.univ.kiev.ua>
 <nycvar.OFS.7.76.4444.1907311911250.9667@tj1.negpncvgny.hn>
 <466040df757d6ef07a90183aa0ffeef0.squirrel@mail.univ.kiev.ua>
 <nycvar.OFS.7.76.4444.1907311931410.9667@tj1.negpncvgny.hn>
 <007964c08b5ef876fb044e3e6863b249.squirrel@mail.univ.kiev.ua>
 <nycvar.OFS.7.76.4444.1907312012030.9667@tj1.negpncvgny.hn>
 <d2c060a43679f8d8ebe17b6d73455bed.squirrel@mail.univ.kiev.ua>
 <854d4f96-48f7-f580-6454-048675193368@grosbein.net>
 <dcef7a7b-eb0b-d0d3-d06e-e246a8755e56@unislabs.com>
 <9aeb6974-4c40-1440-694d-031d44b5ff19@grosbein.net>
Message-ID: <2f045cc9-d969-0937-a19e-ec41694eb5d5@grosbein.net>

01.08.2019 17:08, Eugene Grosbein ?????:
> 01.08.2019 4:39, ???????? ???????? ?????:
>> 31.07.2019 21:55, Eugene Grosbein ?????:
>>> 01.08.2019 0:35, Alexander Sheiko ?????:
>>>> ? ?????? ?? ???, 31 ??? 2019, 20:12 Yaroslav Shvets ?????:
>>>>
>>>>> ?? ??????. ?????? - ?????????.
>>>> ??? ??????? - ????????? L2TP ??? IPSEC (??????????? ? ??????? ? ?????,
>>>> ????? ?????????? RC4, ??? ? PPTP).
>>> ????? ????? ? ? IPSEC, ??????? ? 11.1-RELEASE ??? ????? ?? ???????, ??????? NAT-T.
>> ?? ?????????? ????????? ??????? ??? ??????????? ?? ??? ??????? ??????? (????? ? ??????)?
>> security/strongswan, security/ipsec-tools ??? ?????????? ????, ??? ???? ? ??????? ????????
> 
> ?????? ???????, ?????????????? ? ???? L2TP/IPSEC-?????????????? ??? FreeBSD
> ??? ????????? Windows, MacOS/X, ???????? ? iOS. IKE-???????? ??? FreeBSD ? ???? ???,
> ?? ? ??????? ??????? ?????????? ????? ??? IKE-?????? (??????), ??? ??? ?????
> ???? racoon ?? ipsec-tools, ???? stronswan.
> 
> ? ???? ???? ?????? ? racoon ? ?????? ??? ????????????? ????? ??? ??,
> ??? ??????, ?????? ?????? sainfo anonymous ??? ???? ????????? sainfo
> ? ??????? local_id ? remote_id, ??? ??????? ? man racoon.conf
> 
> ???? ???? ???????, ??? ? ????? ???? ???????????? ?????? ??????? IKE ????? ???????????
> ????? ?????????: ???? ?? ????? ??????????? ?????? ??????, ??? ???????? ??????? SPD -
> ???? ?? ?????????? ? /etc/ipsec.conf ????? spdadd, ?? ??? ???? ?? ??????? ????? SA;
> ???? ???????? racoonctl vpn-connect.

??, ? ?????? ??????? ????????????, ????? ???????? ????????????? ? racoon.conf
? ?????? remote:

script "/usr/local/etc/racoon/phase1" phase1_up;

?????? ??????????? ????? ????????? ???????????? ?????? ???? IKE (????? ??????????????)
? ? ??? ????? ?????? ??? ??? ??????. ????????, ? ????????? ????????????? ????????? (RouterOS),
? ???????? ???? ?????????? ???????????, ????????? ? IKE ????????????
?????? ? ????? ???????, ? ???????????? ? ???????? IKE-?????? ?????????? ????? SA,
??? ?????? ? ??????? ????????? ???? ????????????? ? ????????????? scripe phase1
????????? ??? ???????? ?????????????? ???????? ????:

echo "spdadd $LOCAL_ADDR/32 $REMOTE_ADDR/32 ipencap -P out ipsec esp/transport//require;" | setkey -c

??? ? ??????? ????? ????????? ??????? if_gif(4) (? ?????? ?????????, ??????? ?????????? ???????????? IPENCAP)
??? if_ipsec (? ?????? ??????????? ?????? IPSEC) ? ??????????? IP,
??????? ?????????? ????????? ????????????? ?????? ? ??????? ?????? ?????? ???????.