Date: Wed, 30 Apr 2003 07:55:27 -0600 From: "David G. Andersen" <danderse@cs.utah.edu> To: Guy Middleton <guy@obstruction.com> Cc: freebsd-security@freebsd.org Subject: Re: how to configure a FreeBSD firewall to pass IPSec? Message-ID: <20030430075527.A54362@cs.utah.edu> In-Reply-To: <20030430094537.A20710@chaos.obstruction.com>; from guy@obstruction.com on Wed, Apr 30, 2003 at 09:45:37AM -0400 References: <20030430094537.A20710@chaos.obstruction.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Guy Middleton just mooed:
> I have a FreeBSD box acting as a firewall and NAT gateway
>
> I would like to set it up to transparently pass IPSec packets -- I have
> an IPSec VPN client running on another machine, connecting to a remote network.
>
> Is there a way to do this? I can't find any hints in the man pages.
It's probably using either ipip, esp, or ipencap. tcpdump the
traffic, and then permit whichever protocol it's using.
permit esp from foo to bar
-Dave
--
work: dga@lcs.mit.edu me: dga@pobox.com
MIT Laboratory for Computer Science http://www.angio.net/
I do not accept unsolicited commercial email. Do not spam me.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030430075527.A54362>