Date: Thu, 27 Nov 2003 23:25:00 +0000 From: Lewis Thompson <purple@lewiz.net> To: questions@freebsd.org Subject: Require IPSEC transparent. Message-ID: <20031127232500.GA43262@lewiz.org>
next in thread | raw e-mail | index | archive | help
--ew6BAiZeqk4r7MaW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, I'm wondering if the following situation would be possible: I have a small LAN (one server, three workstations) and want to fully encrypt it (since it's quite easy for somebody to plug into my switch -- I'm at university and the machines are in my room). What I would like is for my server (FreeBSD 4.9-RELEASE) to only accept IPSEC encrypted packets on the range, say, 192.168.0.1-192.168.0.24. Anything above 24 can talk without IPSEC, but all sorts of insecure services are firewalled off. This seems a nice way to do things to me (although I am very open to suggestions) but I have little idea how I would mandate IPSEC packets. I currently have IPSEC ESP/transparent between my server and a workstation so I could easily expand this to more machines. Thanks very much, -lewiz. --=20 I was so much older then, I'm younger than that now. --Bob Dylan, 1964. ------------------------------------------------------------------------ -| msn:purple@lewiz.net | jabber:lewiz@jabber.org | url:www.lewiz.org |- --ew6BAiZeqk4r7MaW Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/xofMItq0KFQv7T8RAqhHAJ9x8tOpAcyc0UKzYFEa7m6h3vVdPwCeNGX3 FXzDezJYmuvWxpiiQ00XhI0= =sQA8 -----END PGP SIGNATURE----- --ew6BAiZeqk4r7MaW--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031127232500.GA43262>