Date: Sun, 22 May 2011 09:31:06 -0500 From: jhall@socket.net To: freebsd-net@freebsd.org Subject: RE: IPSec Routing Message-ID: <20110522143107.7520F106566C@hub.freebsd.org> References: <20110522120030.4B70510656D2@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>If you were using tunnel mode, the encrypted packet would change its >source and destination IP's, specifying your gateway as the source, and >your vendor's gateway as the destination, so intervening routers would >have no difficulty delivering the packet, or routing reply packets back >to you. This may be where my misunderstanding is coming from. Our vendor has not specified an internal IP address for the other end of the tunnel. They have given me an address to ping once the connection is up and running though. Is it possible to using tunneling mode without an internal IP address on the other gateway? My understanding of the protocol is that this is not possible. Thank you for your help. Jay
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110522143107.7520F106566C>