Date: Thu, 3 Jan 2002 11:01:26 -0600
From: "Jay Austad" <austad@marketwatch.com>
To: <freebsd-questions@freebsd.org>
Subject: setting up ipsec tunnelling routers
Message-ID: <54180709DD3FE145917BB165AFE7EFA002E0D2CF@mspexch2.office.mktw.net>

Ok, so say I have 2 offices that I want to connect together via an ipsec tunnel. I have 2 freebsd boxes, each with an inside and outside interface, and I've compiled IPSec into the kernels and have it working fine. I do have a couple of questions though:

1. What is the best daemon to use to pass dynamic routes between the two boxes and into the local networks on each side? I've found routed, gated, mrtd, and zebra. Is anyone using any of these? MRTD (http://www.mrtd.org) looks to be the most robust.

2. Since I will obviously have ip_forwarding turned on, what's the best way to make sure only traffic coming in and out of the tunnel gets routed to the internal networks? I don't want traffic to be able to come in on the external interface and get routed to the internal network, which is entirely possible in a datacenter environment when you share a block of ip's with other people.

Thanks.

----------
Jay Austad
Network Administrator
CBS Marketwatch
612.817.1271
austad@marketwatch.com
http://cbs.marketwatch.com
http://www.bigcharts.com