On Tuesday, Dec 10, 2002, at 12:25 US/Eastern, Dru wrote:

> The configuration you describe is still considered tunnel mode, even
> though it looks part transport / part tunnel mode. Tunnel mode occurs
> whenever a gateway encrypts on behalf of a network. Typical tunnels have
> gateways at both ends, however it is possible to have a gateway at one end
> and a single machine at the other.

Thanks for the insight. I will look more closely at the tunnel mode.

I'm wondering if it isn't a better idea to use the FreeBSD box itself as the wireless access point, though it would require me buying a wireless card. Even with notebook-to-gateway IPsec someone could still bridge into my LAN through the Airport base station by breaking WEP and emulating my MAC address. Whereas if the wireless access point was on the FreeBSD gateway box I could set up the wireless side like an IPsec VPN, and set up firewall rules to protect my wired LAN.

Thanks for the responses.

Jeff

