Date: Mon, 2 Jun 2008 17:57:34 -0400 From: alexus <alexus@gmail.com> To: "Bob McConnell" <rvm@cbord.com> Cc: freebsd-questions@freebsd.org Subject: Re: VPN (IPSEC) Message-ID: <6ae50c2d0806021457r6ceb5ebfvd279c03d7eaa2b68@mail.gmail.com> In-Reply-To: <FF8482A96323694490C194BABEAC24A002D043EA@Email.cbord.com> References: <6ae50c2d0805311649p14863af3y43af39fb4aa2cc8a@mail.gmail.com> <6ae50c2d0806020913v2c7665b8nc3673e30cb8627cc@mail.gmail.com> <FF8482A96323694490C194BABEAC24A002D043EA@Email.cbord.com>
next in thread | previous in thread | raw e-mail | index | archive | help
i dont really use encryption (IPSEC), i just create a regular tunnel using GIF interface, and it's already not working at this part... it works fine in different enviroment, where both ends has public and private IP On Mon, Jun 2, 2008 at 12:27 PM, Bob McConnell <rvm@cbord.com> wrote: > On Behalf Of alexus >> >>anyone? >> >> >>On Sat, May 31, 2008 at 7:49 PM, alexus <alexus@gmail.com> wrote: >>> Hello, >>> >>> I'm trying to establish a VPN tunnel over internet, I read a >>> http://www.freebsd.org/doc/en/books/handbook/ipsec.html on how to set >>> it up, I'm some what strangeling if my setup will work at all. >>> > > IIRC, IPSEC cannot work through a NAT connection. NAT changes header > fields that IPSEC uses for packet authentication. So the receiver cannot > validate the content of the modified header. > > Bob McConnell > -- http://alexus.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6ae50c2d0806021457r6ceb5ebfvd279c03d7eaa2b68>