[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSec across a NAT

To: "Luke Renn" <lrenn@etci.com>,<chris.goellner@corp.bellsouth.net>, <tech@openbsd.org>
Subject: Re: IPSec across a NAT
From: "Luke Renn" <lrenn@etci.com>
Date: Wed, 12 Jan 2000 11:57:16 -0500
References: <fbbp7s8mbclq3al8jb92j5e4qamnf0dfn7@4ax.com> <027801bf5d1d$8d59f1a0$0a83a8c0@localnet>

> then in ipf.rules:
> block in on mx0 from any to 207.103.201.143/32 head 1
> pass in on mx0 proto esp from any to 207.103.201.143/32 group 1
>


whoops.  that should be
block in on mx0 from any to *externalip*/32 head 1
pass in on mx0 proto esp from any to *externalip*/32 group 1

I really do need to start to READ the email before hitting the damn send
button.

I would like to thank Chris Cappuccio for this.  I'm almost positive he's
the one who told me how to do this, but i might be wrong...

Luke

References:
- IPSec across a NAT
  - From: Chris Goellner <chris.goellner@corp.bellsouth.net>
- Re: IPSec across a NAT
  - From: "Luke Renn" <lrenn@etci.com>

Prev by Date: Re: IPSec across a NAT
Next by Date: current kernel compiling
Prev by thread: Re: IPSec across a NAT
Next by thread: Re: IPSec across a NAT
Index(es):
- Date
- Thread