how to configure a FreeBSD firewall to pass IPSec?

Fernando Gleiser fgleiser at cactus.fi.uba.ar
Fri May 2 12:09:25 PDT 2003


On Wed, 30 Apr 2003, Guy Middleton wrote:

>
> Ok, now I'm confused.  The same client (Cisco VPN 3.5 on Windows) works
> through a LinkSys router / NAT gateway (a BEFSR81) at a different location.
> The LinkSys even has a friendly little check-box to allow IPSec pass-through.
>
> I would like the FreeBSD gateway to work the same way as the LinkSys.

I have set up both Cisco and Checkpoint VPNs behind a FreeBSD router/firewall
running IPFilter using both ESP and UDP encapsulation. It works like a charm.
In the ESP case, I have to 'bimap' (one to one NAT) the internal host
to an external IP. The UDP encapsulated case worked right out of the box.


			Fer
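
The setup described in the reply above, written out as an IPFilter configuration. This is an added example, not part of the original post or the poster's own rules. The interface name (fxp0), the addresses (documentation ranges) and the single-concentrator restriction are assumptions.

```conf
# ---- /etc/ipnat.conf ----
# Assumed placeholders:
#   fxp0            external interface
#   192.168.1.0/24  internal LAN
#   192.168.1.10    internal host running the VPN client
#   203.0.113.10    spare external IP dedicated to that host

# ESP (IP protocol 50) carries no port numbers, so a port-translating
# "map" rule cannot tell one client's ESP flow from another's.
# bimap gives the client a one-to-one mapping in both directions.
# Keep it above the general map rules so it matches first.
bimap fxp0 192.168.1.10/32 -> 203.0.113.10/32

# Everyone else shares the interface address. UDP-encapsulated IPSec
# is ordinary UDP, so this port-mapped rule is all it needs.
map fxp0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto
map fxp0 192.168.1.0/24 -> 0/32

# ---- /etc/ipf.conf ----
# A bimap exposes the internal host on every port and protocol of
# 203.0.113.10 unless the filter narrows it. Inbound packets are
# translated before they are filtered, so inbound rules name the
# internal address.
# 198.51.100.20 is a placeholder for the remote VPN concentrator.

# IKE negotiation (UDP 500), initiated by the client
pass out quick on fxp0 proto udp from 192.168.1.10/32 to 198.51.100.20/32 port = 500 keep state

# ESP in both directions, only to and from the concentrator
pass out quick on fxp0 proto 50 from 192.168.1.10/32 to 198.51.100.20/32
pass in  quick on fxp0 proto 50 from 198.51.100.20/32 to 192.168.1.10/32

# Nothing else unsolicited reaches the bimapped host
block in quick on fxp0 from any to 192.168.1.10/32
```

After loading, `ipnat -l` lists the active mappings and `ipfstat -io` lists the filter rules in effect.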


