how to configure a FreeBSD firewall to pass IPSec?
Eric Anderson
anderson at centtech.com
Wed Apr 30 12:04:10 PDT 2003
Lowell Gilbert wrote:
> Guy Middleton <guy at obstruction.com> writes:
>
>
>>I have a FreeBSD box acting as a firewall and NAT gateway
>>
>>I would like to set it up to transparently pass IPSec packets -- I have
>>an IPSec VPN client running on another machine, connecting to a remote network.
>>
>>Is there a way to do this? I can't find any hints in the man pages.
>
>
> It's impossible. IPSEC can't be passed through a NAT.
>
> The best you could do would be to terminate the tunnel on the gateway itself.
It actually depends on what is being "ipsec"'ed .. but for most real
uses, you are right..
Eric
--
------------------------------------------------------------------
Eric Anderson Systems Administrator Centaur Technology
Attitudes are contagious, is yours worth catching?
------------------------------------------------------------------
More information about the freebsd-security
mailing list