Re: tcpdump and ipsec

2006-04-17 Thread Kelly Yancey
On Mon, 17 Apr 2006, Bjoern A. Zeeb wrote: > On Thu, 13 Apr 2006, Kelly Yancey wrote: > > > I'm curious: how are you performing NAT on your tunnelled traffic? > > the answer is simple: do not NAT on the ipsec interface though it's > not fully correct because I do even NAT traffic that goes like: >

Re: tcpdump and ipsec

2006-04-17 Thread Bjoern A. Zeeb
On Thu, 13 Apr 2006, Kelly Yancey wrote: I'm curious: how are you performing NAT on your tunnelled traffic? the answer is simple: do not NAT on the ipsec interface though it's not fully correct because I do even NAT traffic that goes like: A lan1(ipsec only) --- gw(NAT) --- lan2(ipsec on

Re: tcpdump and ipsec

2006-04-13 Thread Kelly Yancey
On Tue, 11 Apr 2006, Bjoern A. Zeeb wrote: > On Tue, 11 Apr 2006, Kelly Yancey wrote: > > Hi, > > > On Sun, 2 Apr 2006, Dmitry Pryanishnikov wrote: > > > >> On Sun, 2 Apr 2006, Bjoern A. Zeeb wrote: > Why not? IMHO it will be very useful feature: think about e.g. traffic > shaping for se

Re: tcpdump and ipsec

2006-04-11 Thread Bjoern A. Zeeb
On Tue, 11 Apr 2006, Kelly Yancey wrote: Hi, On Sun, 2 Apr 2006, Dmitry Pryanishnikov wrote: On Sun, 2 Apr 2006, Bjoern A. Zeeb wrote: Why not? IMHO it will be very useful feature: think about e.g. traffic shaping for several different networks which are routed via the same ipsec tunnel. Wit

Re: tcpdump and ipsec

2006-04-11 Thread Kelly Yancey
On Sun, 2 Apr 2006, Dmitry Pryanishnikov wrote: > > Hello! > > On Sun, 2 Apr 2006, Bjoern A. Zeeb wrote: > >> Why not? IMHO it will be very useful feature: think about e.g. traffic > >> shaping for several different networks which are routed via the same > >> ipsec tunnel. Without the enc0, you ca

Re: tcpdump and ipsec

2006-04-02 Thread Eric W. Bates
Dmitry Pryanishnikov wrote: > > Hello! > > On Sun, 2 Apr 2006, Bjoern A. Zeeb wrote: > >>> Why not? IMHO it will be very useful feature: think about e.g. >>> traffic shaping for several different networks which are routed via >>> the same >>> ipsec tunnel. Without the enc0, you can only shape t

Re: tcpdump and ipsec

2006-04-02 Thread Dmitry Pryanishnikov
Hello! On Sun, 2 Apr 2006, Bjoern A. Zeeb wrote: Why not? IMHO it will be very useful feature: think about e.g. traffic shaping for several different networks which are routed via the same ipsec tunnel. Without the enc0, you can only shape them together, e.g.: why not shaping on the internal

Re: tcpdump and ipsec

2006-04-02 Thread Bjoern A. Zeeb
On Sun, 2 Apr 2006, Dmitry Pryanishnikov wrote: Hello! On Fri, 31 Mar 2006, Bruce M Simpson wrote: On Sat, Apr 01, 2006 at 12:28:13AM +0200, VANHULLEBUS Yvan wrote: 2) use enc0 support, which is actually pr kern/94829, and which should be included soon in kernel. Oh god! Not another ifn

Re: tcpdump and ipsec

2006-04-02 Thread Dmitry Pryanishnikov
Hello! On Fri, 31 Mar 2006, Bruce M Simpson wrote: On Sat, Apr 01, 2006 at 12:28:13AM +0200, VANHULLEBUS Yvan wrote: 2) use enc0 support, which is actually pr kern/94829, and which should be included soon in kernel. Oh god! Not another ifnet! NoOO!! Why not? IMHO it will be ver

Re: tcpdump and ipsec

2006-03-31 Thread Bruce M Simpson
On Sat, Apr 01, 2006 at 12:28:13AM +0200, VANHULLEBUS Yvan wrote: > 2) use enc0 support, which is actually pr kern/94829, and which should > be included soon in kernel. Oh god! Not another ifnet! NoOO!! *runs away*

Re: tcpdump and ipsec

2006-03-31 Thread VANHULLEBUS Yvan
On Fri, Mar 31, 2006 at 03:18:32PM -0500, Eric W. Bates wrote: > This seems like a dumb question; but I wonder if one can use tcpdump to > view the decrypted out flow from an esp tunnel? > > I have an established tunnel on machine 'firewall'. > > The tunnel is a route between net 10.128.10.0/24