From owner-freebsd-doc@FreeBSD.ORG Wed May 24 03:43:29 2006 Return-Path: X-Original-To: doc@FreeBSD.org Delivered-To: freebsd-doc@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DF14616A80C for ; Wed, 24 May 2006 03:43:29 +0000 (UTC) (envelope-from matt@databias.co.za) Received: from ctb-mesg9.saix.net (ctb-mesg9.saix.net [196.25.240.89]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5AA8043D49 for ; Wed, 24 May 2006 03:43:28 +0000 (GMT) (envelope-from matt@databias.co.za) Received: from [10.0.2.6] (dsl-165-220-21.telkomadsl.co.za [165.165.220.21]) by ctb-mesg9.saix.net (Postfix) with ESMTP id AACC0241D for ; Wed, 24 May 2006 05:43:26 +0200 (SAST) Message-ID: <4473D662.20502@databias.co.za> Date: Wed, 24 May 2006 05:43:30 +0200 From: Matthew Faircliff User-Agent: Thunderbird 1.5.0.2 (Windows/20060308) MIME-Version: 1.0 To: doc@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: 14.10 VPN over IPsec X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 May 2006 03:43:31 -0000 Hello, It seems as though your current documentation on VPN over IPsec is incorrect: Step 1 should include the ipencap firewall rule on both hosts. Pinging will not work between the networks if protocol 4 (IP in IP) is not allowed. Thank you for an otherwise excellent doc. Matt.