From owner-freebsd-security Thu Jul 15 5: 0:29 1999 Delivered-To: freebsd-security@freebsd.org Received: from easeway.com (ns1.easeway.com [209.69.39.1]) by hub.freebsd.org (Postfix) with ESMTP id 99CC314C36 for ; Thu, 15 Jul 1999 05:00:26 -0700 (PDT) (envelope-from mwlucas@easeway.com) Received: (from mwlucas@localhost) by easeway.com (8.8.8/8.8.5) id HAA18635; Thu, 15 Jul 1999 07:48:02 -0400 (EDT) Message-Id: <199907151148.HAA18635@easeway.com> Subject: Re: VPN/Secure Tunnel In-Reply-To: from Terje Elde at "Jul 15, 99 09:18:04 am" To: delta@xti.org (Terje Elde) Date: Thu, 15 Jul 1999 07:48:01 -0400 (EDT) Cc: mwlucas@exceptionet.com, jascha@equilibrate.net, security@FreeBSD.ORG From: mwlucas@exceptionet.com X-Mailer: ELM [version 2.4ME+ PL32 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I've never tried to integrate SKIP with IPSec, so I'm not the one to talk about this. I do know that SKIP does not work behind a NAT, however. Check out www.skip.org; there's a link there for the SKIP mailing list. The NAT/SKIP issue has been beaten to death there. Good luck, ==ml > On Wed, 14 Jul 1999 mwlucas@exceptionet.com wrote: > > >If the firewall is not a NAT, use SKIP (/usr/ports/security/skip). > > > >Very nice, solid, and reliable, and there's even a Windows client if you > >have to add others later. > > >From what I've been told, SKIP is IPSec compatible if you do the keying > manyally, is that correct? Also, any way to get SKIP to work through a NAT > box? -- Michael Lucas | Exceptionet, Inc. | www.exceptionet.com "Exceptional Networking" | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message