From owner-freebsd-security  Thu Jan 24 11: 8:57 2002
Delivered-To: freebsd-security@freebsd.org
Received: from proxy.centtech.com (moat.centtech.com [206.196.95.10])
	by hub.freebsd.org (Postfix) with ESMTP id E71C237B499
	for <freebsd-security@freebsd.org>; Thu, 24 Jan 2002 11:07:47 -0800 (PST)
Received: from sprint.centtech.com (sprint.centtech.com [10.177.173.31])
	by proxy.centtech.com (8.11.6/8.11.6) with ESMTP id g0OJ7lK28583;
	Thu, 24 Jan 2002 13:07:47 -0600 (CST)
Received: from centtech.com (proton [10.177.173.77])
	by sprint.centtech.com (8.9.3+Sun/8.9.3) with ESMTP id NAA20427;
	Thu, 24 Jan 2002 13:07:46 -0600 (CST)
Message-ID: <3C505B52.58822BEC@centtech.com>
Date: Thu, 24 Jan 2002 13:06:58 -0600
From: Eric Anderson <anderson@centtech.com>
Reply-To: anderson@centtech.com
Organization: Centaur Technology
X-Mailer: Mozilla 4.78 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Lawrence Sica <lomifeh@hotmail.com>
Cc: dr3node <rtfm@webburo.ru>, freebsd-security@freebsd.org
Subject: Re: Can't set up an IPsec tunnel.
References: <200201241847.AHX10883@vmms1.verisignmail.com> <3C50588C.7200324B@centtech.com> <OE255XsCj1d4vJFRFWM0001c144@hotmail.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Can you post that here?  Any changes you needed to make to allow the ESP to be
passed, and any tricks you needed to know to do it?  



Lawrence Sica wrote:
> 
> ----- Original Message -----
> From: "Eric Anderson" <anderson@centtech.com>
> To: "dr3node" <rtfm@webburo.ru>
> Cc: <freebsd-security@freebsd.org>
> Sent: Thursday, January 24, 2002 10:55 AM
> Subject: Re: Can't set up an IPsec tunnel.
> 
> > IPSEC won't work through masquarading boxes or NAT firewalls.
> >
> 
> you have to do lan-to-lan tunneling to get it to work.  It will work i have
> done it.  Big thing is allowing the firewall to pass esp.
> 
> --Larry
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
------------------------------------------------------------------
Eric Anderson	 anderson@centtech.com    Centaur Technology
If at first you don't succeed, sky diving is probably not for you.
------------------------------------------------------------------

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message