IPsec questions
Maicon Stihler
mrkung at gmail.com
Sun May 14 21:53:14 PDT 2006
Hi,
I started playing with IPsec on my FreeBSD 6.1 and I was wondering if
its possible to deploy an IPsec gateway behind a nat (1-1) router.
Im not sure, but I remember reading somewhere that other
implementations like Free/OpenSwan would let me to do that.
It would be something like:
LAN--[ freebsd box (ipsec with internal ip)---[nat router(public
ip)----[VPN clients]
The VPN clients would be roadwarriors and/or other vpn gateways.
Other question I have is, what is the recommended IKE daemon? I saw
that in the ports there is at least three (ipsec-tools (with racoon),
racoon2, and isakmpd). The isakmpd seems to be very clean, but I heard
that its not full-featured as it is on OpenBSD. Im using racoon (from
ipsec-tools) to encrypt my wireless traffic, but It core dumped a few
times and Im abit anxious about it, heh...
Best Regards,
Maicon
More information about the freebsd-questions
mailing list