From owner-freebsd-net  Tue Jun 18  6:40: 7 2002
Delivered-To: freebsd-net@freebsd.org
Received: from proton.hexanet.fr (proton.hexanet.fr [81.23.32.33])
	by hub.freebsd.org (Postfix) with ESMTP id EE04B37B408
	for <net@freebsd.org>; Tue, 18 Jun 2002 06:39:58 -0700 (PDT)
Received: from hexanet.fr (localhost [127.0.0.1])
	by proton.hexanet.fr (8.12.3/8.12.3) with SMTP id g5IDdufS003940
	for <net@freebsd.org>; Tue, 18 Jun 2002 15:39:56 +0200 (CEST)
	(envelope-from c.prevotaux@hexanet.fr)
Date: Tue, 18 Jun 2002 15:39:56 +0200
From: Christophe Prevotaux <c.prevotaux@hexanet.fr>
To: net@freebsd.org
Subject: IPIP (kind of) with Payload Encryption only
Message-Id: <20020618153956.2a9352fa.c.prevotaux@hexanet.fr>
Organization: HEXANET Sarl
X-Mailer: Sylpheed version 0.7.4 (GTK+ 1.2.10; i386-portbld-freebsd4.4)
X-NCC-RegID: fr.hexanet
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

Hi,

Could someone tell me if there is a way to build a VPN(like) tunnel from
a FreeBSD machine acting as a VPN gateway to another machine acting as
another VPN gateway using normal IP packets that have only their data
payload encrypted. Of course there would have to be a way to setup the
tunnel and still retain the network addressing of each side of the VPN

I thought about some kind of IPIP tunneling but with data payload
encryption and some kind of key exchange for authentication

has anyone made or seen such a system yet ? 

I do not want to use (I can't) AH and ESP for this because of some
technical contraints 

               +-------------+   +---------+
               | VPN gateway |---| Router  |--------+
 --Network A===|==FreeBSD====|===|=========|==      |
               +-------------+   +---------+ ||     |        
                                            VPN   Internet  
                                             ||     |        
               +-------------+   +---------+ ||     |        
 --Network B===|=VPN gateway=|===|=Router==|==      |
               |  FreeBSD    |---|         |--------+
               +-------------+   +---------+

--
===============================================================
Christophe Prevotaux      Email: c.prevotaux@hexanet.fr
HEXANET SARL                URL: http://www.hexanet.fr/
Z.A.C Les Charmilles        Tel: +33 (0)3 26 79 30 05 
3 Allée Thierry Sabine   Direct: +33 (0)3 26 61 77 72 
BP202                       Fax: +33 (0)3 26 79 30 06
51686 Reims Cedex 2 		                   
FRANCE                   HEXANET Network Operation Center             
===============================================================

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message