Re: IPsec tunnel mode with gif

2017-07-20 Thread Bjoern A. Zeeb
On 20 Jul 2017, at 22:02, Kajetan Staszkiewicz wrote: Yet for a reason beyond my understanding FreeBSD handbook proposes a 3rd mode: using a GIF tunnel together with IPSec tunnel mode. I really don't understand how is that supposed to work. People On The Internet also seem not to be able ..

Re: IPsec tunnel mode

2002-04-09 Thread Lars Eggert
Dennis Pedersen wrote: >>Setting up the other approach (IPIP tunnel + IPsec transport mode) works >>by first setting up the tunnels (see the gifconfig/ifconfig man pages) >>and stringing the topology together with route (route man page). No >>other commands are needed. Once this works (i.e. you se

Re: IPsec tunnel mode

2002-04-09 Thread Rogier R. Mulhuijzen
At 13:36 9-4-2002 +0200, Dennis Pedersen wrote: >Uhm okay, but where do I see the port number for the 2 natd processes? Can >I specify it somewhere or? From natd(8): -port | -p port Read from and write to divert(4) port port, distinguishing packets as

Re: IPsec tunnel mode

2002-04-09 Thread Dennis Pedersen
- Original Message - From: "Lars Eggert" <[EMAIL PROTECTED]> To: "Dennis Pedersen" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, April 09, 2002 6:18 PM Subject: Re: IPsec tunnel mode > Dennis Pedersen wrote: > > But uhm is

Re: IPsec tunnel mode

2002-04-09 Thread Lars Eggert
Dennis Pedersen wrote: > But uhm is there a 'simple' way of doing this? Did you look at the KAME newsletters? (URL in a previous email) Lars -- Lars Eggert <[EMAIL PROTECTED]> Information Sciences Institute http://www.isi.edu/larse/ University of Southern California

Re: IPsec tunnel mode

2002-04-09 Thread Lars Eggert
Dennis Pedersen wrote: > But uhm is there a 'simple' way of doing this? (as in just adding the IP of > the other end's gif interface as destination in my routes? > The setup today is an exact copy of (other IPs of course) > www.freebsddiary.org/ipsec-tunnel.php > This works just fine besides til pro

Re: IPsec tunnel mode

2002-04-09 Thread Dennis Pedersen
From: "Rogier R. Mulhuijzen" <[EMAIL PROTECTED]> > At 12:16 9-4-2002 +0200, Dennis Pedersen wrote: > >But uhm is there a 'simple' way of doing this? (as in just adding the IP of > >the other end's gif interface as destination in my routes? > >The setup today is an exact copy of (other IPs of cours

Re: IPsec tunnel mode

2002-04-09 Thread Rogier R. Mulhuijzen
At 12:16 9-4-2002 +0200, Dennis Pedersen wrote: >But uhm is there a 'simple' way of doing this? (as in just adding the IP of >the other end's gif interface as destination in my routes? >The setup today is an exact copy of (other IPs of course) >www.freebsddiary.org/ipsec-tunnel.php >This works just

Re: IPsec tunnel mode

2002-04-09 Thread Dennis Pedersen
- Original Message - From: "Lars Eggert" <[EMAIL PROTECTED]> To: "Dennis Pedersen" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, April 08, 2002 11:23 PM Subject: Re: IPsec tunnel mode > Dennis Pedersen wrote: > > Because on t

Re: IPsec tunnel mode

2002-04-08 Thread Lars Eggert
Rogier R. Mulhuijzen wrote: > I'd like to hear how to do it the proper way though. Feel like clueing > me in? Check the KAME newsletters (e.g. http://www.kame.net/newsletter/20001119/) for configuration examples. There are also some examples in the IMPLEMENTATION and USAGE files under CVS (we

Re: IPsec tunnel mode

2002-04-08 Thread Rogier R. Mulhuijzen
At 14:20 8-4-2002 -0700, Lars Eggert wrote: >There are no IPsec tunnel devices in KAME. IPsec defines "security >associations" (SAs), which are not represented as devices in the routing >table in KAME. Thus, you can't use routes to direct traffic into these >tunnel mode SAs, you need to set up you

Re: IPsec tunnel mode

2002-04-08 Thread Lars Eggert
Julian Elischer wrote: > Assign the required address to the netgraph interface and then > use the IP-over-UDP example in the netgraph examples. Good idea. IP-over-UDP has advantages when it comes to firewall- and NAT-traversal. IP-over-IP has the advantage that it looks like IPsec tunnel mode

Re: IPsec tunnel mode

2002-04-08 Thread Julian Elischer
You can do another form of tunnelling by using a netgraph interface. Assign the required address to the netgraph interface and then use the IP-over-UDP example in the netgraph examples. Then set up the security associations so that the UDP packets generated are encrypted. this is basically th

Re: IPsec tunnel mode

2002-04-08 Thread Lars Eggert
Dennis Pedersen wrote: > Because on the [EMAIL PROTECTED] Lars Eggert said something about using > transport mode, not tunnel mode. This confused me a bit because isn't > transport between 2 hosts only I said a possibility would be to use IPsec transport mode OVER AN IPIP TUNNEL, which is not he

Re: IPsec tunnel mode

2002-04-08 Thread Lars Eggert
Rogier R. Mulhuijzen wrote: >> http://www.x-itec.de/projects/tuts/ipsec-howto.txt > > Unfortunately this howto, like any other mention of IPsec & > tunneling on the net uses the gif interface. Which is IPoverIP, and > this does not seem to match with IPsec tunnel devices. There are no IPsec

Re: IPsec tunnel mode

2002-04-08 Thread Dennis Pedersen
- Original Message - From: "Rogier R. Mulhuijzen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, April 08, 2002 8:04 PM Subject: IPsec tunnel mode > I've been following the KAME vs. OpenBSD IPsec thread somewhat, and I > gather that IPsec tunnel mode is not the same as using t

Re: IPsec tunnel mode

2002-04-08 Thread Rogier R. Mulhuijzen
At 13:07 8-4-2002 -0500, Matthew wrote: >check out this link... they were a great deal of help to me when i went >to setup ipsec on freebsd... > >Best wishes > Hytekblue > >http://www.x-itec.de/projects/tuts/ipsec-howto.txt Unfortunately this howto, like any other mention of IPsec & tu

Re: IPsec tunnel mode

2002-04-08 Thread Matthew
Check out this link... they were a great deal of help to me when I went to set up ipsec on freebsd... Best wishes Hytekblue http://www.x-itec.de/projects/tuts/ipsec-howto.txt > At 20:04 8-4-2002 +0200, Rogier R. Mulhuijzen wrote: > >My question is, can one get IPsec tunnel mode to wo

Re: IPsec tunnel mode

2002-04-08 Thread Rogier R. Mulhuijzen
At 20:04 8-4-2002 +0200, Rogier R. Mulhuijzen wrote: >My question is, can one get IPsec tunnel mode to work in BSD, and how is >it done? I do not need a lengthy story, a few terse pointers would be >quite enough. Pardon me. I meant FreeBSD not BSD. Doc