-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Doug Poland <[EMAIL PROTECTED]> wrote: > > I have DNS resolution, the problem ( I think ) is in that pf simply > sees the packet destined for my single public IP (because all my > public host names must resolve to the same public IP address) and port > 443.
I am not sure how you expect this to work. The web browser will expect the server to send a certificate with its identity as part of the initial SSL negotiation. The client has not yet sent its request, so the web server has no idea which of the three domains the browser wanted to talk to, so it does not know which certificate should be sent. This is the reason why every SSL site must have its own unique (public) IP address. - -- David DeSimone == Network Admin == [EMAIL PROTECTED] "This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, dis- tribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio, Inc. makes no warranty that this email is error or virus free. Thank you." --Lawyer Bot 6000 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFHlNynFSrKRjX5eCoRAp52AKCIqjzGs2D1o0JAdXfcbZU7YZMlYwCgo0Hz b0D/2UqYItVoa28DeRUPXy0= =QKzq -----END PGP SIGNATURE----- _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
