From owner-freebsd-questions Wed Oct 9 16:42:36 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4A9D837B401 for ; Wed, 9 Oct 2002 16:42:35 -0700 (PDT) Received: from gate21.fw.porsche.de (gate23.fw.porsche.de [193.174.9.99]) by mx1.FreeBSD.org (Postfix) with SMTP id A0DE143E3B for ; Wed, 9 Oct 2002 16:42:33 -0700 (PDT) (envelope-from perisa@porsche.de) Received: (qmail 11208 invoked from network); 9 Oct 2002 23:50:00 -0000 Received: from unknown (HELO wuxin011.ibd.porsche.de) (141.36.65.1) by 193.197.149.150 with SMTP; 9 Oct 2002 23:50:00 -0000 Received: (qmail 5872 invoked from network); 9 Oct 2002 23:42:30 -0000 Received: from beastie.ibd.porsche.de (HELO porsche.de) (141.36.3.29) by smtp4cli.ibd.porsche.de with SMTP; 9 Oct 2002 23:42:30 -0000 Message-ID: <3DA4C0A2.8010601@porsche.de> Date: Thu, 10 Oct 2002 01:49:54 +0200 From: Marc Perisa User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.0.0) Gecko/20020709 X-Accept-Language: en, de-de, es-es MIME-Version: 1.0 To: =?ISO-8859-1?Q?Erik_Paulsen_Sk=E5lerud?= Cc: freebsd-questions@freebsd.org Subject: Re: DHCP Relay over IPSec ESP/Tunnel (Sorry about the duplicate posts, problems with digital ID) References: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG (taking this to questions because it is not a discussion on security topics) Erik Paulsen Skålerud wrote: > Hello. > > Is it possible to use DHCP relay over an IPSec ESP/tunnel? What are the > requirements to accomplish this, and is there any special configuration > I have to use? > > I've been trying to get this to work for two days now, and I'm really > really ready to give up. This is my last resort, so, please, if you do > have any comments, please let me know. Hi Erik, DHCP relay should be possible over any IPSec tunnel (if not the other end of the tunnel has to get its IP from this DHCP server). It is like having one DHCP server and lots of clients in other subnets. Take a look into the handbook under: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/dhcp.html and look out for dhcrelay(8). If your routing over the tunnel works, dhcrelay should work too. Hope that helps Marc PS: I assume, that the tunnel is transparent to the network on both sides. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message