From owner-freebsd-net@FreeBSD.ORG Mon Oct 19 09:34:32 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A5A981065670 for ; Mon, 19 Oct 2009 09:34:32 +0000 (UTC) (envelope-from emss.mail@gmail.com) Received: from mail-fx0-f176.google.com (mail-fx0-f176.google.com [209.85.220.176]) by mx1.freebsd.org (Postfix) with ESMTP id 265378FC13 for ; Mon, 19 Oct 2009 09:34:31 +0000 (UTC) Received: by fxm24 with SMTP id 24so588493fxm.13 for ; Mon, 19 Oct 2009 02:34:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:received:x-virus-scanned :received:received:resent-to:resent-from:resent-message-id :resent-date:x-from-line:to:subject:from:x-operating-system:date :message-id:user-agent:lines:mime-version:content-type; bh=oqH+13grTDVTRh9mXk1EpqNv+V7CBiQNjx8pwU1oSD8=; b=OnufeJzWEWAb9MFRrR+ij3m4aQXb5TDH0WUSqmRi002psfF5D3N/7OjQTw3PPeF3XD hyMmY2WJiRXdw672AhgQzbYP3caxHS5iMT6zrkCwdFXy2bCudPIDGzNeOqdGyW6iQNNR BEXgMf2ve1QHUgQwoqkDv9U6AswA4hXjyS4V8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=x-virus-scanned:resent-to:resent-from:resent-message-id:resent-date :x-from-line:to:subject:from:x-operating-system:date:message-id :user-agent:lines:mime-version:content-type; b=LJhIcgxMiFwGnZ0GvxVcrPqQ5HNR+4jZogT8SIKHty2WwrQj2z3O8JbQ6Yd/4st3AA WtZn+xNCDcLNDxDRu6Qxof5K44eFRFkJO8UyA2XoSZXC0hXoRYlI0BS2flyWaXx21A99 qdZEMdYTx3RO87LwUoK2YVxq/RUJNt9AY1wK0= Received: by 10.103.127.28 with SMTP id e28mr2021056mun.120.1255944022065; Mon, 19 Oct 2009 02:20:22 -0700 (PDT) Received: from srvbsdnanssv.interne.kisoft-services.com (LCaen-151-92-21-48.w217-128.abo.wanadoo.fr [217.128.200.48]) by mx.google.com with ESMTPS id y37sm7768919mug.34.2009.10.19.02.20.21 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 19 Oct 2009 02:20:21 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by srvbsdnanssv.interne.kisoft-services.com (Postfix) with ESMTP id 9FA50170D1 for ; Mon, 19 Oct 2009 11:20:19 +0200 (CEST) X-Virus-Scanned: amavisd-new at interne.kisoft-services.com Received: from srvbsdnanssv.interne.kisoft-services.com ([127.0.0.1]) by localhost (srvbsdnanssv.interne.kisoft-services.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LcZsPYdLY3+f for ; Mon, 19 Oct 2009 11:20:15 +0200 (CEST) Received: by srvbsdnanssv.interne.kisoft-services.com (Postfix, from userid 1001) id BA262170DD; Mon, 19 Oct 2009 11:20:15 +0200 (CEST) Resent-To: Mailing List FreeBSD Network Resent-From: Eric Masson Resent-Message-ID: <86vdibkaeo.fsf@srvbsdnanssv.interne.kisoft-services.com> Resent-Date: Mon, 19 Oct 2009 11:20:15 +0200 X-From-Line: nobody Mon Oct 19 09:18:57 2009 To: Mailing List FreeBSD Network From: Eric Masson X-Operating-System: FreeBSD 6.4-RELEASE-p7 i386 Date: Mon, 19 Oct 2009 09:18:57 +0200 Message-ID: <861vkzlula.fsf@srvbsdnanssv.interne.kisoft-services.com> User-Agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (berkeley-unix) Lines: 23 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Subject: IPSec, nat on enc device X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Oct 2009 09:34:32 -0000 Hello, OpenBSD has support for this kind of setup since last January : http://undeadly.org/cgi?action=article&sid=20090127205841 The commit : http://marc.info/?l=openbsd-cvs&m=123246256228242&w=2 >From what I've understood, pf, depending on version in FreeBSD, could already support natting on enc interfaces. The missing part seems to be laying at the IKE daemon level. Need of ipsec vpns beetween RFC1918 colliding networks is pretty usual these days, so has anyone considered working in this area ? Regards -- je comprend pas ce a quoi sert ce site ou cette boite a lettre.J'y voit plein de messages et autres anneries alors si tu pouvais m'aider et me repondre pour m'expliquer a qui et a quoi servent toutes ses phrases -+- DD in http://www.le-gnu.net : Allo Huston, nous avons un neuneu. -+-