Require IPSEC transparent.
Lewis Thompson
purple at lewiz.net
Thu Nov 27 15:25:06 PST 2003
Hi,
I'm wondering if the following situation would be possible:
I have a small LAN (one server, three workstations) and want to fully
encrypt it (since it's quite easy for somebody to plug into my switch --
I'm at university and the machines are in my room).
What I would like is for my server (FreeBSD 4.9-RELEASE) to only
accept IPSEC encrypted packets on the range, say,
192.168.0.1-192.168.0.24. Anything above 24 can talk without IPSEC, but
all sorts of insecure services are firewalled off.
This seems a nice way to do things to me (although I am very open to
suggestions) but I have little idea how I would mandate IPSEC packets.
I currently have IPSEC ESP/transparent between my server and a
workstation so I could easily expand this to more machines.
Thanks very much,
-lewiz.
--
I was so much older then, I'm younger than that now. --Bob Dylan, 1964.
------------------------------------------------------------------------
-| msn:purple at lewiz.net | jabber:lewiz at jabber.org | url:www.lewiz.org |-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20031127/67e8c7a3/attachment.bin
More information about the freebsd-questions
mailing list