[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSec across a NAT



> then in ipf.rules:
> block in on mx0 from any to 207.103.201.143/32 head 1
> pass in on mx0 proto esp from any to 207.103.201.143/32 group 1
>


whoops.  that should be
block in on mx0 from any to *externalip*/32 head 1
pass in on mx0 proto esp from any to *externalip*/32 group 1

I really do need to start to READ the email before hitting the damn send
button.

I would like to thank Chris Cappuccio for this.  I'm almost positive he's
the one who told me how to do this, but i might be wrong...

Luke