Date: Sun, 4 Dec 2011 08:54:45 -0800 From: Devin Teske <devin.teske@fisglobal.com> To: Alejandro Imass <aimass@yabarana.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: * Re: IPSec in Jail Message-ID: <5E7F61A5-DDC9-463B-85CC-834C5DADC125@fisglobal.com> In-Reply-To: <CAHieY7SgP5oO0hnGNiDZa8PT3TaFJdmgWNnaVnJcb1b64iCtEg@mail.gmail.com> References: <CAHieY7SgP5oO0hnGNiDZa8PT3TaFJdmgWNnaVnJcb1b64iCtEg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 3, 2011, at 4:42 PM, Alejandro Imass <aimass@yabarana.com> wrote: > Hello, >=20 > I was following a thread in FBSD Spanish talking about the use of > IPSec in Jails and there was no conclusion to the matter. I have a > client that wants to run a VPN which requires IPSec and he is running > on some jails we provide them. We can provide them with a public IP > for the jail but I'm not sure if this will work. >=20 > I understand from the thread that recompiling the kernel with VIMAGE > enabled should allow the use of IPSec in the jails but apparently > until 8.0 this was experimental. This particular server uses 8.2 so I > would like to know if anyone here has done this and how stable it is? > Would enabling VIMAGE for the base kernel compromise the system and > other clients running on other jails in the same server? We're using 8.1 + VIMAGE and using openvpn, ipfw, and IPSec within jail suc= cessfully. No stability issues with other jails (so far), but then again only been run= ning that setup (with IPSec/openvpn in a vimage) for a few weeks now. But, = so far so good! --=20 Devin >=20 > Thanks beforehand for any valuable comments! >=20 > --=20 > Alejandro Imass > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5E7F61A5-DDC9-463B-85CC-834C5DADC125>