Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 9 Apr 2002 13:36:27 +0200
From:      "Dennis Pedersen" <trm@daydreamer.dk>
To:        <freebsd-net@FreeBSD.ORG>, "Rogier R. Mulhuijzen" <drwilco@drwilco.net>
Subject:   Re: IPsec tunnel mode
Message-ID:  <00bd01c1dfba$c93724f0$0301a8c0@dpws>
References:  <MPENKFCCIIDAJKJJOLBHMEAJCNAA.tariq@inty.net> <5.1.0.14.0.20020408200151.01cac1f0@mail.drwilco.net> <007501c1df3f$326d92a0$0301a8c0@dpws> <3CB20A6D.3040704@isi.edu> <5.1.0.14.0.20020409123453.01d16880@mail.drwilco.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
From: "Rogier R. Mulhuijzen" <drwilco@drwilco.net>


> At 12:16 9-4-2002 +0200, Dennis Pedersen wrote:
> >But uhm is there a 'simple' way of doing this? (as in just adding the IP
of
> >the other ends gif interface as destinatio in my routes?
> >The setup today i an exact copy of (other IP's of course)
> >www.freebsddiary.org/ipsec-tunnel.php
> >This works just fine besides til problem with my routes, arcording to the
> >draft IPIP is the solution. My Question is now how do i set up with an
IPIP
> >tunnel?
> >On http://rr.sans.org/firewall/IPSec_VPN.php there is an example, from my
> >point of view it looks kind of complicated. Can it be made any simpler?
> >If this is the way to do it,  can i run mutible natd on both my external
> >interface and the virtual gif interface (the howto creates the gif tunnel
> >and diverts all trafic into this tunnel with natd on both ends) and how?
> >(because i can't really se how the ipfw add divert natd can tell the
> >difference between te 2 sessions of natd)
>
> That 2nd example is actually quite straightforward. It's just rather
extensive.

Okai i'll try it then , thanx :)

>
> And yes you can use 2 nat daemons. The 'natd' in the ipfw divert rule is
> just a port number. You can start a second nat on a different divert port,
> and use that other portnumber in the ipfw divert rule.

Uhm okai, but where do i see the port number for the 2 natd processes? , kan
i specify it somewhere or?

/Dennis


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00bd01c1dfba$c93724f0$0301a8c0>