fbsd 8.2, L2TP over IPsec and pf ?
lists at c0mplx.org
Fri Nov 4 13:18:56 UTC 2011
> I'm building a setup for incoming L2TP over IPsec connections
> using FreeBSD 8.2-REL.
> IPsec based on ports/security/ipsec-tools, the l2tp part
> works from net/mpd5/.
> If I disable the PF rules, everything works.
> If I enable the PF rules, the IPsec connection still comes up,
> but the L2TP requests are lost somewhere in the PF rules 8-(
> Interestingly, tcpdump enc0 does not see any encrypted packets (!)
> as long as the PF rules are active.
> Any hints on the PF rules required to allow those packets in ?
Turns out: ESP in/out was missing. set debug misc in the pf.conf
is worth a lot 8-)
Thanks for all help (by private mail).
I'll try to document this setup on some webpage (but this will take
1-2 months due to other projects 8-(
pi at opsec.eu +49 171 3101372 9 years to go !
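
Added example, not part of the original post and not the poster's ruleset: a pf.conf fragment showing the fix described above, with ESP passed in both directions next to the IKE and L2TP rules. The interface name em0, the default-deny policy, and filtering the decrypted L2TP traffic (UDP 1701) on enc0 are assumptions.

```conf
# Added example (assumptions: em0 is the external interface, default-deny
# policy, decrypted L2TP is filtered on enc0 as in the tcpdump from the post).
ext_if = "em0"

# Options
set debug misc          # pf debug messages go to the kernel log while testing
set skip on lo0

# Default deny; "log" makes dropped packets visible with tcpdump -i pflog0
block log all

# IKE negotiation. The post reports the IPsec connection came up even with
# pf enabled, so this part was presumably already in place.
pass in  on $ext_if inet proto udp from any to ($ext_if) port 500 keep state
pass out on $ext_if inet proto udp from ($ext_if) to any port 500 keep state

# The piece that was missing: ESP (IP protocol 50), in and out.
# Without these two rules the SA is negotiated but no encrypted payload
# reaches the IPsec stack, so nothing ever shows up on enc0.
pass in  on $ext_if inet proto esp from any to ($ext_if) keep state
pass out on $ext_if inet proto esp from ($ext_if) to any keep state

# L2TP after decryption, filtered on enc0 rather than on the external
# interface, so cleartext UDP 1701 from the outside stays blocked.
pass in  on enc0 inet proto udp from any to ($ext_if) port 1701 keep state
pass out on enc0 inet proto udp from ($ext_if) port 1701 to any keep state
```

Running pfctl -nf against the file parses the ruleset without loading it.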