Date: Wed, 24 Jan 2001 15:53:26 -0000 From: "Bruno Miguel" <brunomiguel@netcabo.pt> To: freebsd-ipfw@FreeBSD.ORG Cc: The Babbler <bts@babbleon.org>, freebsd-ipfw@FreeBSD.ORG Subject: Re: IPSEC tunnelling Message-ID: <3A6EFA76.17540.17FDF1@localhost> In-Reply-To: <20010121173807.B10761@rfx-216-196-73-168.users.reflex> References: <3A6D367EA1EFD4118C9B00A0C9DD99D7064AE8@rerun.lucentctc.com>; from mcambria@avaya.com on Sun, Jan 21, 2001 at 07:35:40PM -0500
next in thread | previous in thread | raw e-mail | index | archive | help
> > I'm using IPSec tunnel mode, with ESP, but no authentication. I'm also not
> > using AH.
>
> Tunnel mode is troublesome to mix with NAT. AH is impossible to run
> through NAT.
I tried using a skipto rule when packets from local network tried to reach the
other local network... skipping the divert rule. To no avail..
I was trying to use tunnel mode, only esp.
I wonder if someone has done it..... i normally use ipfilter, but the ipfw divert
rule being able to be bypassed by a skipto rule made me try ipfw. It didn't
work..... when I setup a 10.x.x.x. network it worked..... but it was nattin'
192.168.x.x network. I wonder what went wrong.
...:-=>> The freaking Mail Band <<=-:...
hununu@netcabo.pt
D.E.Q. @ I.S.T. - Portugal
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A6EFA76.17540.17FDF1>