IPSec routing (long post)

jhall at socket.net jhall at socket.net
Sat May 21 21:59:26 UTC 2011

>From : claudiu vasadi <claudiu.vasadi at gmail.com>
To : jhall at socket.net
Subject : Re: IPSec routing (long post)
Date : Sat, 21 May 2011 18:45:07 +0200
  Some additional points:
> - have you been following the FreeBSD handbook on this ? ->
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html
> - pls post your ifconfig  interface settings
> - you can use "tcpdump" to sniff traffic off of your "real" network
> interface (tcpdump (-v) -i <interface> host <vendor_ext_IP> and dst
> <local_ext_IP>)
> - do you have "options IPSEC" and "device crypto" in your kernel ?

My understanding is the handbook was using tunnel mode to connect the 
networks, and I am using transport mode.  Are these the same, and I am 
misunderstanding what I am reading. 


More information about the freebsd-questions mailing list