At 12:16 9-4-2002 +0200, Dennis Pedersen wrote:
>But uhm is there a 'simple' way of doing this? (as in just adding the IP of
>the other ends gif interface as destinatio in my routes?
>The setup today i an exact copy of (other IP's of course)
>www.freebsddiary.org/ipsec-tunnel.php
>This works just fine besides til problem with my routes, arcording to the
>draft IPIP is the solution. My Question is now how do i set up with an IPIP
>tunnel?
>On http://rr.sans.org/firewall/IPSec_VPN.php there is an example, from my
>point of view it looks kind of complicated. Can it be made any simpler?
>If this is the way to do it, can i run mutible natd on both my external
>interface and the virtual gif interface (the howto creates the gif tunnel
>and diverts all trafic into this tunnel with natd on both ends) and how?
>(because i can't really se how the ipfw add divert natd can tell the
>difference between te 2 sessions of natd)
That 2nd example is actually quite straightforward. It's just rather extensive.
And yes you can use 2 nat daemons. The 'natd' in the ipfw divert rule is
just a port number. You can start a second nat on a different divert port,
and use that other portnumber in the ipfw divert rule.
Good luck,
Doc
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
