From owner-freebsd-net Wed Feb 21 22:54: 3 2001 Delivered-To: freebsd-net@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-165-226-53.dsl.lsan03.pacbell.net [64.165.226.53]) by hub.freebsd.org (Postfix) with ESMTP id A2B7937B401 for ; Wed, 21 Feb 2001 22:54:00 -0800 (PST) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 83A9866F2F; Wed, 21 Feb 2001 22:53:56 -0800 (PST) Date: Wed, 21 Feb 2001 22:53:55 -0800 From: Kris Kennaway To: Stephen Cimarelli Cc: freebsd-net@freebsd.org Subject: Re: Help with IPSEC Message-ID: <20010221225355.A68921@mollari.cthul.hu> References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="7JfCtLOvnd9MIVvH" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from stephen@clari.net.au on Wed, Feb 21, 2001 at 10:00:09AM +1100 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --7JfCtLOvnd9MIVvH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, Feb 21, 2001 at 10:00:09AM +1100, Stephen Cimarelli wrote: > * Most users seem to use gif devices to setup the tunnels instead of IPsec > tunnels, Why? gif is the name of the device used to implement tunneling. > What ports/protocols do I need to allow through a firewall to allow gif and > IPsec to work? gif isn't a protocol, it's an interface name. Check /etc/protocols for the protocol number of the AH and ESP protocols, which IPSEC uses depending on which mode you run it in. Kris --7JfCtLOvnd9MIVvH Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6lLeDWry0BWjoQKURAqK5AKCDCNbmd1x5EdpnddRqx78/8hOhMgCfQvYO P/5SrFdRSEhVzKZAVwG0yuk= =fJDV -----END PGP SIGNATURE----- --7JfCtLOvnd9MIVvH-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message