Moving to net@ 24.04.2019 1:06, Wojciech Puchar wrote:
>>> can IPSEC VPN work over nat? even freebsd-freebsd case. >>> >>> I cannot find any tutorial how to do this. >> >> FreeBSD 11.1 and later supports IPSec NAT Traversal out-of-the-box. >> >> >> > so do you have an URL for guide how to do this. i have no real knowlege of > this and would like to test it, first in my home router. > > my server have of course static public IP, but clients may have anything You just run an IKE daemon of choice (ipsec-tools/racoon, strongswan etc.) And optionally run mpd5 daemon if you need to support IPSec/L2TP clients too. GENERIC kernel and standard daemon configuration is enough, no secrect knowledge. Just don't forget to enable NAT-T while configuring IKE daemon. _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
