Date: Fri, 2 May 2003 16:06:50 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: Guy Middleton <guy@obstruction.com> Cc: freebsd-security@freebsd.org Subject: Re: how to configure a FreeBSD firewall to pass IPSec? Message-ID: <20030502160124.Q9299-100000@cactus.fi.uba.ar> In-Reply-To: <20030430165348.A23754@chaos.obstruction.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 30 Apr 2003, Guy Middleton wrote: > > Ok, now I'm confused. The same client (Cisco VPN 3.5 on Windows) works > through a LinkSys router / NAT gateway (a BEFSR81) at a different location. > The LinkSys even has a friendly little check-box to allow IPSec pass-through. > > I would like the FreeBSD gateway to work the same way as the LinkSys. I have set up both Cisco and Checkpoint VPNs behind a FreeBSD router/firewall runing IPFilter using both ESP and UDP encapsulation. It works like a charm. In the ESP case, I have to 'bimap' (one to one NAT) the internal host to an external IP. The UDP encapsulated case worked right out of the box. Fer
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030502160124.Q9299-100000>