"John W. O'Brien" <j...@saltant.com> writes: Hi John,
> You also need to perform NAT processing on the traffic that returns to > gateway1 from gateway2. > > $cmd add 200 nat 100 all from 192.168.21.0/24 to 172.16.0.1 I've been privately told about the return rule (I'm used to pf not ipfw), but no luck. Seems that http://www.freebsd.org/cgi/query-pr.cgi?pr=185876, as stated by Philipp could be an good candidate to explain failures even with return rule set up. > I'm curious to learn whether this is sufficient. I haven't tested any > combination of NAT and IPsec. bz@ seem to have used this kind of setup for a looong time ;) Regards Éric -- This is a multi-part message in MIME format. ... Content-Transfer-Encoding: quoted-printable ... J EN AI MARRE DES C... QUI NE RESPECTENT PAS LES CHARTES -+- R in: Guide du neuneu Usenet - bien respecter sa netiquette -+- _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
