I'm setting up an IPSec tunnel and in PF, I'm not skipping on enc0 (i.e. no 'set skip on enc0'). I'm curious as to how direction is specified on enc0 when routing traffic. My scenario is like this:
remote box --> (IPSec tunnel) --> OpenBSD firewall --> OpenBSD server

I want to send all my logs from 'remote box' to 'OpenBSD server' via the tunnel. The tunnel is working fine -- it's up and I can see some basic traffic. So on my firewall, where the traffic in the tunnel comes out, is traffic coming out or in from enc0?

    pass in on enc0 proto udp from $remote_box to $server port 514 tag VPN
    pass out on $int_if proto udp from $remote_box to $server port 514 tagged VPN

OR

    pass out on enc0 proto udp from $remote_box to $server port 514 tag VPN
    pass out on $int_if proto udp from $remote_box to $server port 514 tagged VPN

Why don't I just try it out? I'm away from accessing the machines for the time being and the idea (and how to solve it) is just swimming around in my head.

Thanks in advance for any pointers.

cheers.
ryanc
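As an added example (not part of ryanc's post), here is the rule set written with the direction that OpenBSD's enc(4) uses: a packet that has just been decrypted is seen as inbound on enc0, and a packet about to be encrypted is seen as outbound on enc0, so the first of the two variants above is the one that matches syslog arriving from the tunnel. $remote_box, $server and $int_if are the post's own names; $ext_if, $remote_gw and all addresses are assumed values for the firewall's outside interface and the remote tunnel endpoint.

```pf
# Added pf.conf fragment for the post's scenario. Macro values are assumed;
# addresses are documentation/private ranges chosen for illustration only.
ext_if     = "em0"          # assumed outside interface
int_if     = "em1"          # assumed inside interface (towards the log server)
remote_gw  = "203.0.113.1"  # assumed remote IPsec endpoint
remote_box = "10.1.0.10"    # assumed host behind the remote gateway
server     = "10.0.0.20"    # assumed log server behind $int_if

# enc0 is deliberately NOT skipped: rules on enc0 see the cleartext after
# decryption (inbound) or before encryption (outbound).
set skip on lo0

# 1. The encrypted packets (ESP) and the IKE negotiation arrive on the
#    outside interface, not on enc0, so they need their own rules.
pass in  on $ext_if proto esp from $remote_gw to ($ext_if)
pass out on $ext_if proto esp from ($ext_if) to $remote_gw
pass in  on $ext_if proto udp from $remote_gw to ($ext_if) port { 500, 4500 }
pass out on $ext_if proto udp from ($ext_if) to $remote_gw port { 500, 4500 }

# 2. After decryption, the syslog datagram from the remote box appears
#    INBOUND on enc0. if-bound keeps this state tied to enc0 so the same
#    5-tuple seen on a physical interface does not silently match it.
#    (Tunnel-mode SAs may additionally need a "proto ipencap" rule on enc0;
#    see enc(4) and the OpenBSD PF FAQ.)
pass in  on enc0 proto udp from $remote_box to $server port 514 \
         tag VPN keep state (if-bound)

# 3. The decrypted packet is then routed out the inside interface. Only
#    traffic tagged on enc0 (i.e. that really came out of the tunnel) is
#    allowed to reach the server, so a spoofed cleartext packet that did
#    not traverse the tunnel is dropped here.
pass out on $int_if proto udp from $remote_box to $server port 514 tagged VPN

# Anything the server sends back towards the remote box would be seen
# OUTBOUND on enc0 just before encryption; a rule of this shape covers it:
# pass out on enc0 proto udp from $server to $remote_box keep state (if-bound)
```

`tcpdump -nvi enc0 udp port 514` shows the decrypted datagrams with their direction on enc0, which is the quickest way to confirm which of the two variants actually matches.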