From owner-freebsd-net@FreeBSD.ORG Mon Oct 19 14:07:21 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1D2701065670 for ; Mon, 19 Oct 2009 14:07:21 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from mail-yw0-f178.google.com (mail-yw0-f178.google.com [209.85.211.178]) by mx1.freebsd.org (Postfix) with ESMTP id C92EE8FC25 for ; Mon, 19 Oct 2009 14:07:20 +0000 (UTC) Received: by ywh8 with SMTP id 8so3879340ywh.3 for ; Mon, 19 Oct 2009 07:07:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:from:date:x-google-sender-auth:message-id:subject:to:cc :content-type:content-transfer-encoding; bh=clsXliPAQG4lLlx2/xffzQ0QwuFFCYlnY8YaTTnRS9k=; b=m45JLe//pBIu3BO7HKWWskzFcAIhGoESCQybGRhanwzXOxAd0h/I8eYOXzJWA+w6t4 DWyVAvjyomRH7TK1SEXZ/Q50m+ToBqFMpbtHCxkzZGjXpQIwsfuAyjo1jg7YTRCbPsYT bH7MS9tkVkcylrjFst7w28hyXaBo+KtXOv0i8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type :content-transfer-encoding; b=M9KMeeNjm5O0Og07JxI6ntBZM8xkSpRqrGstKlwZNw17UiFRV8+7orZK+yN6JAfjQF yzdU9y+i26FoxVPYCjq0zJUuHjpiN4Vfv8V8AZwhPNUQSx+nbr6ImLTvmkhj0sRiI10l fuViLbQ8xe2FV66PqfPobT0hUv+74M7ywo3uI= MIME-Version: 1.0 Sender: ermal.luci@gmail.com Received: by 10.150.240.15 with SMTP id n15mr8157407ybh.212.1255961240085; Mon, 19 Oct 2009 07:07:20 -0700 (PDT) In-Reply-To: <861vkzlula.fsf@srvbsdnanssv.interne.kisoft-services.com> References: <861vkzlula.fsf@srvbsdnanssv.interne.kisoft-services.com> From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= Date: Mon, 19 Oct 2009 16:07:00 +0200 X-Google-Sender-Auth: f5fe4cf450cd642b Message-ID: <9a542da30910190707q7eb173d9xf9085d220a213db1@mail.gmail.com> To: Eric Masson Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: Mailing List FreeBSD Network Subject: Re: IPSec, nat on enc device X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Oct 2009 14:07:21 -0000 On Mon, Oct 19, 2009 at 9:18 AM, Eric Masson wrote: > Hello, > > OpenBSD has support for this kind of setup since last January : > http://undeadly.org/cgi?action=3Darticle&sid=3D20090127205841 > The commit : > http://marc.info/?l=3Dopenbsd-cvs&m=3D123246256228242&w=3D2 > > >From what I've understood, pf, depending on version in FreeBSD, could > already support natting on enc interfaces. > > The missing part seems to be laying at the IKE daemon level. I think you should send this email to ipsec-tool mailing list! Basically the daemon should be modified for this and FreeBSD is not the owner of such code. Just my 2c > > Need of ipsec vpns beetween RFC1918 colliding networks is pretty usual > these days, so has anyone considered working in this area ? > > Regards > > -- > =A0je comprend pas ce a quoi sert ce site ou cette boite a lettre.J'y voi= t > =A0plein de messages et autres anneries alors si tu pouvais m'aider et me > =A0repondre pour m'expliquer a qui et a quoi servent toutes ses phrases > =A0-+- DD in http://www.le-gnu.net : Allo Huston, nous avons un neuneu. -= +- > --=20 Ermal