Date: Sat, 14 Jun 2003 11:54:33 +0200
From: lupe@lupe-christoph.de (Lupe Christoph)
To: Justin <justin@othius.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Impossible to IPfilter this?
Message-ID: <20030614095433.GA29210@lupe-christoph.de>
In-Reply-To: <20030612180120.B54558@ike.othius.com>
References: <20030607111540.GC4812@lupe-christoph.de> <20030610230744.GD44069@blossom.cjclark.org> <20030612132138.A26888@shell.gsinet.sittig.org> <20030612184124.GD26930@lupe-christoph.de> <20030612180120.B54558@ike.othius.com>
On Thursday, 2003-06-12 at 18:08:01 -0400, Justin wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1

> On Thu, 12 Jun 2003, Lupe Christoph wrote:

> > I've used ipsec0 on Linux for similar purposes, and I would like to see
> > an IPSec interface in FreeBSD as well. As I said, I could not get GIF to
> > work with FreeS/WAN, so I'm stuck with the current interface-deprived
> > IPSec implementation.

> We haven't gotten to the point of applying ipsec on the traffic between
> hosts yet (don't worry, only pings and ssh so far anyway) but a friend and
> I have a gif <-> iptun tunnel setup between a FreeBSD 4.8-RELEASE (plus
> patches) and a 2.4x kernel with FreeS/WAN. Works fine.

I'd appreciate seeing your config files for both sides. racoon.conf and
ipsec.conf.

> Seattle Wireless group had a handy little shell script that the guy at the
> Linux end based his commands off of. We'll see if problems arise when
> ipsec is applied to all traffic between the hosts, but I don't anticipate
> that will cause any problems.

> http://www.seattlewireless.net/index.cgi/IpTunnel

I'm afraid, this is talking about IPTunnel. IPTunnel does not do IPSec.
As I understand this, the traffic is not secured (authenticated,
encrypted). So you may not have the config files I asked for above at
all.

Please recheck what you have.

Thank you,
Lupe Christoph
--
| lupe@lupe-christoph.de | http://www.lupe-christoph.de/ |
| "Violence is the resort of the violent" Lu Tze |
| "Thief of Time", Terry Pratchett |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030614095433.GA29210>