FreeBSD ipsec and NAT

From: Simon Taylor (Simon.Taylor_at_corizon.com)
Date: 03/03/04

    Date: Wed, 3 Mar 2004 19:00:14 -0000
    To: <freebsd-security@freebsd.org>
    
    

    Hi All,
    I currently have set up a site-to-site VPN using racoon on my FreeBSD
    firewall. All is well there and I can connect through the VPN when I am
    on the firewall and get the connection fine.
    Now I want to be able to connect from other machines through the
    firewall - this is where I come unstuck. The IPsec policy allows for my
    external address range to connect through the VPN, but then I would like
    my internal addresses to first get translated and then routed through
    the tunnel. But instead when I connect with my internal addresses they
    get translated, but then try and use the conventional gateway on the
    machine instead of picking up the IPsec policy.
    If that makes sense... I am using FreeBSD, ipf, ipnat and racoon.
    Any help appreciated.
    Simon

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

