Date: Wed, 3 Mar 2004 19:00:14 -0000
From: "Simon Taylor" <Simon.Taylor@corizon.com>
To: <freebsd-security@freebsd.org>
Subject: FreeBSD ipsec and NAT
Message-ID: <54FEFDDAD23D8A4683BE2F3CD9D1D2A9020AA0@orion.genient.com>

Hi All,

I currently have set up a site-to-site VPN using racoon on my FreeBSD firewall. All is well there, and I can connect through the VPN when I am on the firewall and get the connection fine.

Now I want to be able to connect from other machines through the firewall. This is where I come unstuck: the ipsec policy allows for my external address range to connect through the VPN, but then I would like my internal addresses to first get translated and then routed through the tunnel. But instead, when I connect with my internal addresses, they get translated but then try to use the conventional gateway on the machine instead of picking up the ipsec policy. If that makes sense...

I am using FreeBSD, ipf, ipnat and racoon.

Any help appreciated.

Simon