fbsd 8.2, L2TP over IPsec and pf ?

Kurt Jaeger pi at opsec.eu
Thu Nov 3 15:53:01 UTC 2011


Hello,

I'm building a setup for incoming L2TP over IPsec connections
using FreeBSD 8.2-REL.

IPsec based on ports/security/ipsec-tools, the l2tp part
works from net/mpd5/.

If I disable the PF rules, everything works.

If I enable the PF rules, the IPsec connection still comes up,
but the L2TP requests are lost somewhere in the PF rules 8-(

Interestingly, tcpdump enc0 does not see any encrypted packets (!)
as long as the PF rules are active.

Any hints on the PF rules required to allow those packets in ?

Thanks!

-- 
pi at opsec.eu            +49 171 3101372                         9 years to go !


More information about the freebsd-stable mailing list