From owner-freebsd-questions@FreeBSD.ORG Mon Jun 2 21:57:34 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E884F106564A for ; Mon, 2 Jun 2008 21:57:34 +0000 (UTC) (envelope-from alexus@gmail.com) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.230]) by mx1.freebsd.org (Postfix) with ESMTP id CF48B8FC13 for ; Mon, 2 Jun 2008 21:57:34 +0000 (UTC) (envelope-from alexus@gmail.com) Received: by rv-out-0506.google.com with SMTP id b25so1298910rvf.43 for ; Mon, 02 Jun 2008 14:57:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=tI1R66KIZ1xys05cXcsp5RCIvayyT+Vs88OVQrePe20=; b=WNiGrQSvhwfNq88+1YBIQJGToUorF8FoibLdKYIpxpC4jh9IcHpVnsWHD6jfeg9oPlzrY14xr8G5fUa7E9YYuyNeWpR9tb2WrpJ8AjltsQAPf7tdV3EIzEZl0FXekSLDMKjfUCCK3h6niip9PBEGR5eSbXVcTmjedREcO4Wwbq0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=PtNCrbRyUkvoZFkh+XUYCebtt4lOV0r8qZz1vTSOjOoJ3ektrHOgHEx7sqyyrrc+u8VPVB2DP79C+UckiX+h16dOSzVVZ+KorEuNhwZrfOAwQT85UxN3yQV8/eFMtSJiUh6bpc7xqGJmt7Kx4Nk36TiiHklkHPS4KOqWL6ehFR0= Received: by 10.114.108.15 with SMTP id g15mr6430157wac.181.1212443854469; Mon, 02 Jun 2008 14:57:34 -0700 (PDT) Received: by 10.114.67.7 with HTTP; Mon, 2 Jun 2008 14:57:34 -0700 (PDT) Message-ID: <6ae50c2d0806021457r6ceb5ebfvd279c03d7eaa2b68@mail.gmail.com> Date: Mon, 2 Jun 2008 17:57:34 -0400 From: alexus To: "Bob McConnell" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <6ae50c2d0805311649p14863af3y43af39fb4aa2cc8a@mail.gmail.com> <6ae50c2d0806020913v2c7665b8nc3673e30cb8627cc@mail.gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: VPN (IPSEC) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2008 21:57:35 -0000 i dont really use encryption (IPSEC), i just create a regular tunnel using GIF interface, and it's already not working at this part... it works fine in different enviroment, where both ends has public and private IP On Mon, Jun 2, 2008 at 12:27 PM, Bob McConnell wrote: > On Behalf Of alexus >> >>anyone? >> >> >>On Sat, May 31, 2008 at 7:49 PM, alexus wrote: >>> Hello, >>> >>> I'm trying to establish a VPN tunnel over internet, I read a >>> http://www.freebsd.org/doc/en/books/handbook/ipsec.html on how to set >>> it up, I'm some what strangeling if my setup will work at all. >>> > > IIRC, IPSEC cannot work through a NAT connection. NAT changes header > fields that IPSEC uses for packet authentication. So the receiver cannot > validate the content of the modified header. > > Bob McConnell > -- http://alexus.org/