Date: Wed, 30 Apr 2003 14:03:58 -0500 From: Eric Anderson <anderson@centtech.com> To: Lowell Gilbert <freebsd-security-local@be-well.no-ip.com> Cc: freebsd-security@freebsd.org Subject: Re: how to configure a FreeBSD firewall to pass IPSec? Message-ID: <3EB01E1E.1040808@centtech.com> References: <20030430094537.A20710@chaos.obstruction.com> <44k7dbn7jv.fsf@be-well.ilk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Lowell Gilbert wrote: > Guy Middleton <guy@obstruction.com> writes: > > >>I have a FreeBSD box acting as a firewall and NAT gateway >> >>I would like to set it up to transparently pass IPSec packets -- I have >>an IPSec VPN client running on another machine, connecting to a remote network. >> >>Is there a way to do this? I can't find any hints in the man pages. > > > It's impossible. IPSEC can't be passed through a NAT. > > The best you could do would be to terminate the tunnel on the gateway itself. It actually depends on what is being "ipsec"'ed .. but for most real uses, you are right.. Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology Attitudes are contagious, is yours worth catching? ------------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3EB01E1E.1040808>