tunneling / IPSec

Aaron Peterson dopplecoder at gmail.com
Fri Aug 12 01:28:23 GMT 2005

I've recently been through the relatively simple process of setting up
IPSec IP in IP tunnels between two FreeBSD boxes using gif interfaces
for the tunneling portion, native IPSec and the racoon port.

Best I can tell, this only works between two devices whose IP
addresses are directly accessible to each other (no NAT).

I'm wondering if there is an easy way to make this same tunnel work
through NAT, and/or if there is some other easy-to-implement
alternative that works through NAT.  I was thinking of tunneling the
encrypted IP packets over a TCP connection maybe.  But my thoughts
aren't always the right ones :-)  Is there a pseudo-interface that
allows tunneling over a TCP connection in a similar way to the gif


