From owner-freebsd-net@FreeBSD.ORG Wed Oct 29 14:17:23 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E85A516A4CE; Wed, 29 Oct 2003 14:17:23 -0800 (PST) Received: from p4.ecoms.com (ns1.ecoms.com [207.44.130.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id EF67943FF3; Wed, 29 Oct 2003 14:17:20 -0800 (PST) (envelope-from michael@roq.com) Received: by p4.ecoms.com (Postfix, from userid 12021) id 70854268133; Wed, 29 Oct 2003 18:45:54 -0600 (CST) Received: from mx2.freebsd.org (mx2.freebsd.org [216.136.204.119]) by p4.ecoms.com (Postfix) with ESMTP id 9B3F026812D for ; Wed, 29 Oct 2003 18:45:53 -0600 (CST) Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id 072EB562F0; Wed, 29 Oct 2003 14:17:13 -0800 (PST) (envelope-from owner-freebsd-isp@freebsd.org) Received: from hub.freebsd.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id E47C916A4EB; Wed, 29 Oct 2003 14:17:10 -0800 (PST) Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D52E616A4D1; Wed, 29 Oct 2003 14:15:36 -0800 (PST) Received: from aragorn.summit.net.au (aragorn.summit.net.au [203.221.180.33]) by mx1.FreeBSD.org (Postfix) with ESMTP id A5FF143FF3; Wed, 29 Oct 2003 14:15:35 -0800 (PST) (envelope-from lachlan@fatpanda.net) Received: from 127.0.0.1 (localhost [127.0.0.1]) by mail.summit.net.au (Postfix) with SMTP id 62B7414D41; Thu, 30 Oct 2003 09:15:30 +1100 (EST) Received: from felix (project.summit.net.au [218.185.87.4]) by aragorn.summit.net.au (Postfix) with SMTP id 7027714CF2; Thu, 30 Oct 2003 09:15:29 +1100 (EST) From: "Lachlan" To: "Nucleo de Pesquisa e Desenvolvimento" , Date: Thu, 30 Oct 2003 09:15:32 +1100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <1545.172.72.12.252.1067458540.squirrel@intranet.el.com.br> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Sender: owner-freebsd-isp@freebsd.org Errors-To: owner-freebsd-isp@freebsd.org X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on p4.ecoms.com X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=ham version=2.60 X-Spam-Level: cc: freebsd-isp@freebsd.org Subject: RE: IPSEC in tunnel mode ( possible? ) X-BeenThere: freebsd-net@freebsd.org List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Oct 2003 22:17:24 -0000 I'm not sure if my guess is correct. But instead of using windows over ipsec, i would use 2 FreeBSD boxes. eg, Client Host -- [ipsec on bsd] -- (( wirless )) -- [ipsec on bsd to decrypt] -- (( internet )) Not sure if that's what you're trying to do, was a little hard to understand. If that is the case, there is a nice article on freebsd diary that covers this pretty well. http://www.freebsddiary.org/ipsec.php Regards, Lachlan -----Original Message----- From: owner-freebsd-isp@freebsd.org [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Nucleo de Pesquisa e Desenvolvimento Sent: Thursday, October 30, 2003 7:16 AM To: freebsd-net@freebsd.org Cc: freebsd-isp@freebsd.org Subject: IPSEC in tunnel mode ( possible? ) Hi everyone, I know it is kind an off-topic question but maybe another network admi= n have already faced the following: client--[__ipsec__]--gw--[__ip__]--internet I, trying to secure a wireless link, want to have my clients using ipsec on the segment between the gateway gw and the machine itself even when the traffic is to the internet and not only to the gateway ( what works fine in transport mode anyway ). The clients are windows machines. Accordingly to Microsoft 252735 tunnel is possible when a windows is acting as a gateway, not our scenario where machines are only clients... Any one could point me to some url or send me keywords I should look for please? If things won=B4t work with ipsec I=B4ll do it with MPD... bu= t I still should have ask it here. Thanks in advance ( and sorry for the cross posting ), -- =3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D= -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D Paiva, Gilson de Domingos Martins mailto:npd@el.com.br Brazil http://www.el.com.br/ E&L Producoes de Software http://www.FreeBSD.org/ FreeBSD: The Power to Serve =3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D= -=3D-=3D-=3D-=3D-=3D-=3D-=3D- _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"