Tariq Rashid wrote: > On a slightly side note, I'd much prefer to see FreeBSD with IPSEC > pseudo-interfaces a la OpenBSD/linux. > > I'd much prefer to work with say, enc0, or ipsec1, than mess around > with guf half-tunnels.... makes complex routing much easier....
Have you looked at draft-touch-ipsec-vpn (ftp://ftp.isi.edu/internet-drafts/draft-touch-ipsec-vpn-03.txt)? We address just this issue with a combination of IPsec transport mode and IPIP tunnels. We are currently revising it and it will move to Informational RFC soon. Lars -- Lars Eggert <[EMAIL PROTECTED]> Information Sciences Institute http://www.isi.edu/larse/ University of Southern California
smime.p7s
Description: S/MIME Cryptographic Signature
