From owner-freebsd-isp@FreeBSD.ORG Wed Oct 29 14:28:06 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6566F16A4CE for ; Wed, 29 Oct 2003 14:28:06 -0800 (PST) Received: from srv00.el.com.br (srv00.el.com.br [200.179.165.123]) by mx1.FreeBSD.org (Postfix) with ESMTP id 31BF343FEC for ; Wed, 29 Oct 2003 14:28:05 -0800 (PST) (envelope-from npd@el.com.br) Received: from intranet.el.com.br (srv00.el.com.br [200.179.165.123]) by srv00.el.com.br (elsmtp) with SMTP id D917C70E37 for ; Wed, 29 Oct 2003 20:28:02 -0200 (BRST) Received: from 172.72.12.252 (SquirrelMail authenticated user npd) by intranet.el.com.br with HTTP; Wed, 29 Oct 2003 20:28:02 -0200 (BRST) Message-ID: <1679.172.72.12.252.1067466482.squirrel@intranet.el.com.br> Date: Wed, 29 Oct 2003 20:28:02 -0200 (BRST) From: "Nucleo de Pesquisa e Desenvolvimento" To: freebsd-isp@freebsd.org User-Agent: SquirrelMail/1.4.1 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal Subject: Re: Re: IPSEC in tunnel mode ( possible? ) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Oct 2003 22:28:06 -0000 You got my point Lachlan, you´re right. Having another FBSD box at the client side would really solve my challenge. If I can´t get windows doing it right by itself I´m already considering your idea. Thanks!!! Original message was: I'm not sure if my guess is correct. But instead of using windows over ipsec, i would use 2 FreeBSD boxes. eg, Client Host -- [ipsec on bsd] -- (( wirless )) -- [ipsec on bsd to decrypt] -- (( internet )) Not sure if that's what you're trying to do, was a little hard to understand. If that is the case, there is a nice article on freebsd diary that covers this pretty well. http://www.freebsddiary.org/ipsec.php Regards, Lachlan -----Original Message----- From: owner-freebsd-isp@freebsd.org [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Nucleo de Pesquisa e Desenvolvimento Sent: Thursday, October 30, 2003 7:16 AM To: freebsd-net@freebsd.org Cc: freebsd-isp@freebsd.org Subject: IPSEC in tunnel mode ( possible? ) Hi everyone, I know it is kind an off-topic question but maybe another network admin have already faced the following: client--[__ipsec__]--gw--[__ip__]--internet I, trying to secure a wireless link, want to have my clients using ipsec on the segment between the gateway gw and the machine itself even when the traffic is to the internet and not only to the gateway ( what works fine in transport mode anyway ). The clients are windows machines. Accordingly to Microsoft 252735 tunnel is possible when a windows is acting as a gateway, not our scenario where machines are only clients... Any one could point me to some url or send me keywords I should look for please? If things won´t work with ipsec I´ll do it with MPD... but I still should have ask it here. Thanks in advance ( and sorry for the cross posting ), -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Paiva, Gilson de Domingos Martins mailto:npd@el.com.br Brazil http://www.el.com.br/ E&L Producoes de Software http://www.FreeBSD.org/ FreeBSD: The Power to Serve =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"