From owner-freebsd-security Sat Sep 25 13:22:40 1999 Delivered-To: freebsd-security@freebsd.org Received: from lily.ezo.net (lily.ezo.net [206.102.130.13]) by hub.freebsd.org (Postfix) with ESMTP id EF4A2151FD for ; Sat, 25 Sep 1999 13:22:35 -0700 (PDT) (envelope-from jflowers@ezo.net) Received: from lily.ezo.net (jflowers@localhost.ezo.net [127.0.0.1]) by lily.ezo.net (8.8.7/8.8.7) with SMTP id QAA28047; Sat, 25 Sep 1999 16:22:15 -0400 (EDT) Date: Sat, 25 Sep 1999 16:22:15 -0400 (EDT) From: Jim Flowers To: "Theo Purmer (Tepucom)" Cc: "'freebsd-security@FreeBSD.ORG'" Subject: Re: skip and vpn In-Reply-To: <01BF06EA.77C24EC0@kantoor-1.tepucom.nl> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Use different subnets for each of your internal rfc1918 networks and then route the opposite end subnet to your local skiphost tunnel end. Only the skiphost ACL record and external interface has to know about the opposite end routable address. Jim Flowers #4 ISP on C|NET, #1 in Ohio On Sat, 25 Sep 1999, Theo Purmer (Tepucom) wrote: > Hi all..... > > got a problem here with skip and a vpn > > ive got two gateways running ipf, ipnat and skip. > it all works the gateways are on the internet...(far apart) > > on the inside of the gateways im using rfc1918 > networks. I want to be able to go from one internal > network via the vpn (using skip for encryption) to > the other internal network. > > but i cannot just set up a route for the other internal > network using the other skip gateway. I then get arp > errors cuz it wants the other gateway to be on his > subnet > > anybody got any ideas as how to get the tunnel running? > > thanks > > theo purmer > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message