From: "Mitch (bitblock)"
To: "Robert Blacquiere"
cc: freebsd-isp@freebsd.org
cc: freebsd-net@freebsd.org
Date: Sat, 1 May 2004 13:15:59 -0700
Subject: RE: Routing and VPN troubles...
List-Id: Networking and TCP/IP with FreeBSD

> Maybe it is possible to use proxy arp on the "gateway" FBSD4 machine. So all
> machines can talk to each other thru the FBSD4 box. We use some similar setup to
> prevent people from talking to each other without us knowing (bigboss is watching).
>
> All traffic will then be handled by the proxy arp box.
>

I'll look and see what info I can find on this idea - had a few people suggest I switch to OpenVPN instead of IPSec which creates virtual devices allowing full firewalling etc.

Thanks Robert

m/