From owner-freebsd-questions Thu May 24 17:35:57 2001 Delivered-To: freebsd-questions@freebsd.org Received: from rgmail.regenstrief.org (rgmail.regenstrief.org [134.68.31.197]) by hub.freebsd.org (Postfix) with ESMTP id 7EFC837B422 for ; Thu, 24 May 2001 17:35:53 -0700 (PDT) (envelope-from gunther@aurora.regenstrief.org) Received: from aurora.regenstrief.org (rgnout.regenstrief.org [134.68.31.38]) by rgmail.regenstrief.org (8.11.0/8.8.7) with ESMTP id f4P0ccX08197; Thu, 24 May 2001 19:38:38 -0500 Message-ID: <3B0DA8E5.A0F2BD4A@aurora.regenstrief.org> Date: Fri, 25 May 2001 00:35:49 +0000 From: Gunther Schadow Organization: Regenstrief Institute for Health Care X-Mailer: Mozilla 4.75 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Dan Larsson Cc: FreeBSD Questions List Subject: Re: IPSec on subnets smaller than /24 References: <20010523091549.T13630-100000@hq1.tyfon.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dan Larsson wrote: > > Is it possible to run IPSec (tunneling) between subnets smaller than /24? > > If it is I'd appreciate some pointers on the subject. Yes, no problem. I use /29 prefixes. Anything goes. BUT: don't try any IPsec tunneling with anything before the first May KAME-snap. There is a serious bug that caused me many hours of wining and hair-loss until master Itojun found and killed the bug for good. regards, -Gunther -- Gunther Schadow, M.D., Ph.D. gschadow@regenstrief.org Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent Professor Indiana University School of Medicine tel:1(317)630-7960 http://aurora.regenstrief.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message