* Re: IPSec in Jail

[Devin Teske]

On Dec 3, 2011, at 4:42 PM, Alejandro Imass <aimass at yabarana.com> wrote:

> Hello,
> 
> I was following a thread in FBSD Spanish talking about the use of
> IPSec in Jails and there was no conclusion to the matter. I have a
> client that wants to run a VPN which requires IPSec and he is running
> on some jails we provide them. We can provide them with a public IP
> for the jail but I'm not sure if this will work.
> 
> I understand from the thread that recompiling the kernel with VIMAGE
> enabled should allow the use of IPSec in the jails but apparently
> until 8.0 this was experimental. This particular server uses 8.2 so I
> would like to know if anyone here has done this and how stable it is?
> Would enabling VIMAGE for the base kernel compromise the system and
> other clients running on other jails in the same server?

We're using 8.1 + VIMAGE and using openvpn, ipfw, and IPSec within jail successfully.

No stability issues with other jails (so far), but then again only been running that setup (with IPSec/openvpn in a vimage) for a few weeks now. But, so far so good!
-- 
Devin


> 
> Thanks beforehand for any valuable comments!
> 
> -- 
> Alejandro Imass
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

_____________
The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.