Date: Fri, 2 May 2003 16:06:50 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: Guy Middleton <guy@obstruction.com> Cc: freebsd-security@freebsd.org Subject: Re: how to configure a FreeBSD firewall to pass IPSec? Message-ID: <20030502160124.Q9299-100000@cactus.fi.uba.ar> In-Reply-To: <20030430165348.A23754@chaos.obstruction.com>
index | next in thread | previous in thread | raw e-mail
On Wed, 30 Apr 2003, Guy Middleton wrote: > > Ok, now I'm confused. The same client (Cisco VPN 3.5 on Windows) works > through a LinkSys router / NAT gateway (a BEFSR81) at a different location. > The LinkSys even has a friendly little check-box to allow IPSec pass-through. > > I would like the FreeBSD gateway to work the same way as the LinkSys. I have set up both Cisco and Checkpoint VPNs behind a FreeBSD router/firewall runing IPFilter using both ESP and UDP encapsulation. It works like a charm. In the ESP case, I have to 'bimap' (one to one NAT) the internal host to an external IP. The UDP encapsulated case worked right out of the box. Ferhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030502160124.Q9299-100000>