On Tue, 10 Dec 2002, Jeff Walters wrote:

> At home I have a FreeBSD gateway working nicely for NAT and firewall.
> One of the machines behind this firewall is an OS X iBook running
> through a WEP-enabled Airport base station in bridged mode (i.e. it
> only bridges the wireless and the ethernet).  WEP has known problems,
> and I'd like to secure the link between the iBook and the FreeBSD
> firewall against snooping or malicious neighbors, etc.
>
> I think that IPsec is the closest thing to an answer, however after
> much digging through setkey man pages, the FreeBSD handbook, and other
> HOWTO web pages nothing clearly describes this configuration.  This is
> not really IPSec transport mode, because it's only secure between host
> and gateway not host and host, and it's not tunnel mode because I'm not
> joining two LANs.  Has anyone done this?


The configuration you describe is still considered tunnel mode, even
though it looks part transport / part tunnel mode. Tunnel mode occurs
whenever a gateway encrypts on behalf of a network. Typical tunnels have
gateways at both ends; however, it is possible to have a gateway at one end
and a single machine at the other.

HTH,

Dru
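
The host-to-gateway tunnel described in the reply, sketched as a setkey(8) policy file. This is an added example, not part of the original message: the addresses (iBook 192.168.1.10, gateway inside interface 192.168.1.1), the SPIs, the algorithms and the placeholder keys are all assumptions, and manual keying is used only to keep the sketch self-contained.

```conf
# Load on each machine with: setkey -f /etc/ipsec.conf
# Assumed addresses: iBook 192.168.1.10, FreeBSD gateway 192.168.1.1.
flush;
spdflush;

# --- Security associations: identical on BOTH machines -------------------
# One SA per direction, ESP in tunnel mode. The keys are constructed
# placeholders of the right length (24 bytes for 3des-cbc, 20 bytes for
# hmac-sha1); replace them with random secrets, different per direction.
add 192.168.1.10 192.168.1.1 esp 0x1000 -m tunnel
    -E 3des-cbc  "REPLACE_WITH_24_BYTE_KEY"
    -A hmac-sha1 "REPLACE_20_BYTE_KEY_";
add 192.168.1.1 192.168.1.10 esp 0x1001 -m tunnel
    -E 3des-cbc  "REPLACE_WITH_24_BYTE_KEY"
    -A hmac-sha1 "REPLACE_20_BYTE_KEY_";

# --- Policies on the iBook only -------------------------------------------
# The single host is its own tunnel endpoint: everything it sends, to any
# destination, is wrapped in ESP addressed to the gateway.
spdadd 192.168.1.10/32 0.0.0.0/0 any -P out ipsec
    esp/tunnel/192.168.1.10-192.168.1.1/require;
spdadd 0.0.0.0/0 192.168.1.10/32 any -P in ipsec
    esp/tunnel/192.168.1.1-192.168.1.10/require;

# --- Policies on the gateway only (use these INSTEAD of the two above) ----
# The gateway decrypts on behalf of everything behind it, so the selectors
# are the mirror image: "in" from the iBook, "out" towards the iBook.
# spdadd 192.168.1.10/32 0.0.0.0/0 any -P in ipsec
#     esp/tunnel/192.168.1.10-192.168.1.1/require;
# spdadd 0.0.0.0/0 192.168.1.10/32 any -P out ipsec
#     esp/tunnel/192.168.1.1-192.168.1.10/require;
```

With the "require" level, packets matching a selector that do not arrive inside the tunnel are dropped, so cleartext injected on the wireless segment with the iBook's address is not forwarded by the gateway.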

