[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: IPSec VPN and Watchguard Firebox 2

Hi Marcel,

> Does anybody know if there are any news concerning freeswan and 
> Watchguard Firebox 2 interoperability? Some time ago I read that the two 
> would not work together, as Watchguard does  not use triple DES during 
> the negotiation phase. Is there a patch around for freeswan?

The new watchguard version 6.0 support both DES types in phase 1
(DES/3DES). So you should be able to create a static tunnel between the
friebox and you freeswan host.

If you would like to create a dynamic tunnel (dynamic ip for freeswan),
the freeswan must support the aggressive mode, and I'm not sure if
freeswan supports this.

Btw: I have two tunnels between a firebox and some OpenBSD Host and it
works great. So I think with the new 6.0 version this should be no
problem for FreeSwan.

You can take a look at the following url to see a sample config for 6.0:

Happy ipsec'ing


Thorsten Sauter

				(Is there life after /sbin/halt -p?)

Attachment: pgpXIYHoYBrXn.pgp
Description: PGP signature

Reply to: