Date: Fri, 8 Apr 2016 10:55:06 +0100 From: krad <kraduk@gmail.com> To: Wojciech Puchar <wojtek@puchar.net> Cc: freebsd-hackers@freebsd.org Subject: Re: IPSEC tunnels Message-ID: <CALfReydUCVg7A7ngS1vBHkCMOqgBOpddcn5JyfMUaWnWfqJhrg@mail.gmail.com> In-Reply-To: <alpine.BSF.2.20.1604080749020.4250@laptop.wojtek.intra> References: <alpine.BSF.2.20.1604080749020.4250@laptop.wojtek.intra>
next in thread | previous in thread | raw e-mail | index | archive | help
I did do it once a long time ago, and it did work, but remember you are dealing with layer 3 so you cant use normal port forwarding for the tunnel traffic. The key exchange is less problematic. It was a bit of a head ache, and if you can avoid the NAT you will be far better off. On 8 April 2016 at 06:50, Wojciech Puchar <wojtek@puchar.net> wrote: > does anyone use this in production? How about performance. OpenVPN > performance is poor due to system call/context switch on every packet. > > I found lots of examples how to configure it, but none where one side is > over NAT. Can it be configured that way? Any examples? > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CALfReydUCVg7A7ngS1vBHkCMOqgBOpddcn5JyfMUaWnWfqJhrg>