Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 2 Oct 2002 20:08:56 +0200
From:      Guido van Rooij <guido@gvr.org>
To:        Julian Elischer <julian@elischer.org>
Cc:        freebsd-net@freebsd.org
Subject:   Re: non-transparent IPsec via a tun interface?
Message-ID:  <20021002180856.GA20868@gvr.gvr.org>
In-Reply-To: <Pine.BSF.4.21.0210010627350.84654-100000@InterJet.elischer.org>
References:  <20021001122130.GA14155@gvr.gvr.org> <Pine.BSF.4.21.0210010627350.84654-100000@InterJet.elischer.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 01, 2002 at 06:34:29AM -0700, Julian Elischer wrote:
> I have done similar to this using teh GIF interface.
> 
> Each tunnel between sites had a gif interface and I firewalled
> for only ESP packets to and from the correct machines on the external
> interface, and for correct packets for permitted protocols
> and ports on the unencrypted data on the gif interfaces.

Thanks. That worked. I already thought it should be possible with a gif
interface, yet I always get confused with tunnels.

-Guido

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021002180856.GA20868>