Impossible to IPfilter this?
Lupe Christoph
lupe at lupe-christoph.de
Sat Jun 14 02:55:04 PDT 2003
On Thursday, 2003-06-12 at 18:08:01 -0400, Justin wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On Thu, 12 Jun 2003, Lupe Christoph wrote:
> > I've used ipsec0 on Linux for similar purposes, and I would like to see
> > an IPSec interface in FreeBSD as well. As I said, I could not get GIF to
> > work with FreeS/WAN, so I'm stuck with the current interface-deprived
> > IPSec implementation.
> We haven't gotten to the point of applying ipsec on the traffic between
> hosts yet (don't worry, only pings and ssh so far anyway) but a friend and
> I have a gif <-> iptun tunnel setup between a FreeBSD 4.8-RELEASE (plus
> patches) and a 2.4x kernel with FreeS/WAN. Works fine.
I'd appreciate seeing your config files for both sides. racoon.conf and
ipsec.conf.
> Seattle Wireless group had a handy little shell script that the guy at the
> Linux end based his commands off of. We'll see if problems arise when
> ipsec is applied to all traffic between the hosts, but I don't anticipate
> that will cause any problems.
> http://www.seattlewireless.net/index.cgi/IpTunnel
I'm afraid, this is talking about IPTunnel. IPTunnel does not do IPSec.
As I understand this, the traffic is not secured (authenticated,
encrypted).
So you may not have the config files I asked for above at all. Please
recheck what you have.
Thank you,
Lupe Christoph
--
| lupe at lupe-christoph.de | http://www.lupe-christoph.de/ |
| "Violence is the resort of the violent" Lu Tze |
| "Thief of Time", Terry Pratchett |
More information about the freebsd-security
mailing list