On 3/7/14 1:40 PM, Eric Masson wrote: > Philipp Schmid <philipp.sch...@openresearch.com> writes: > > Hi Philipp, > >> FreeBSD 10 seems to have problems with IPSec and filtering/nat. >> Maybe your problem is related to: >> >> http://www.freebsd.org/cgi/query-pr.cgi?pr=185876 > > I've rebuilt a kernel with the last patch available in the PR. > It doesn't work (return nat rule in place). > > I think I'll try the following setup on gateway1 : > - IIPTran https://www.ietf.org/rfc/rfc3884.txt (ipip tunnel in transport > mode) > - outside nat with pf on gif interface > > What bothers me is that ipfw reverse nat should work...
I haven't done the mind meld with "reverse" yet. Could you comment on why you need to operate in a reversed NAT environment? What is it that's being reversed, and how does that apply to your use case? Regards, John
signature.asc
Description: OpenPGP digital signature
