From owner-freebsd-questions@FreeBSD.ORG Mon Jul 11 09:55:16 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 19C8D16A41C for ; Mon, 11 Jul 2005 09:55:16 +0000 (GMT) (envelope-from i.tanusheff@procreditbank.bg) Received: from mail.procreditbank.bg (mail.procreditbank.bg [212.95.179.198]) by mx1.FreeBSD.org (Postfix) with SMTP id 04D7A43D46 for ; Mon, 11 Jul 2005 09:55:14 +0000 (GMT) (envelope-from i.tanusheff@procreditbank.bg) Received: (qmail 11879 invoked from network); 11 Jul 2005 12:55:13 +0300 Received: from unknown (HELO localhost) (127.0.0.1) by localhost with SMTP; 11 Jul 2005 12:55:13 +0300 Received: from proxy.procreditbank.bg ([127.0.0.1]) by localhost (mail.procreditbank.bg [127.0.0.1]) (amavisd-new, port 10024) with SMTP id 99453-26 for ; Mon, 11 Jul 2005 12:55:12 +0300 (EEST) Received: (qmail 11868 invoked from network); 11 Jul 2005 09:55:12 -0000 Received: from unknown (HELO outmail.procreditbank.bg) (172.16.248.123) by mail.procreditbank.bg with SMTP; 11 Jul 2005 09:55:12 -0000 In-Reply-To: To: FreeBSD MailingLists MIME-Version: 1.0 X-Mailer: Lotus Notes Release 6.5.1 January 21, 2004 From: Ivailo Tanusheff Message-ID: Date: Mon, 11 Jul 2005 12:55:09 +0300 X-MIMETrack: Serialize by Router on DOMINO_HQ/PROCREDITBANK(Release 6.5.1|January 21, 2004) at 07/11/2005 12:55:11 PM, Serialize complete at 07/11/2005 12:55:11 PM X-Virus-Scanned: by amavisd-new using ClamAV at procreditbank.bg Content-Type: text/plain; charset="US-ASCII" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: questions Subject: Re: Connecting IPSec from Behind a gateway X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jul 2005 09:55:16 -0000 As far as I know it's not possible to make IPSec when you use NAT, as IP address is used with crypto. But you can make PPP or PPTP tunel between those two hosts and use IPSec between addresses in the tunel. Ivailo Tanusheff Senior System administrator ProCredit Bank (Bulgaria) AD tel. +359 2 921 7161 fax +359 2 921 7110 http://www.procreditbank.bg Disclaimer: The information contained in this message is intended solely for the use of individual or entity to whom it is addressed and other authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this message is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. ProCredit Bank is neither liable for the proper and complete transmission of the information contained in this message nor for any delay in its receipt. FreeBSD MailingLists Sent by: owner-freebsd-questions@freebsd.org 07/11/2005 11:06 AM Please respond to FreeBSD MailingLists To questions cc Subject Connecting IPSec from Behind a gateway I am trying to connect 2 FreeBSD 5.4 boxes with an IPSec tunnel using racoon. The problem is the second box is behind a nat'd gateway. The gateway router is a commercial box with "IPSEC Passthrough" enabled. What do I need to do to get this to work? Which IP (global or private) should I use when configure the connection? TIA, Tomoki Taniguchi _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"