[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: VPN behind a router

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: VPN behind a router
From: Helio Santana <heliosantanaperez_(_at_)_gmail_(_dot_)_com>
Date: Tue, 02 Aug 2005 21:18:37 +0100

> Do you think that I must disable AH in sysctl.conf?
> 
> net.inet.ah.enable=0
> 
> Only this? I can't try this now because I'm not at office. I'll try it
> tomorow...
> Thanks,
> Helio.

> Yes, you can use that setting to disable AH.  Also, you need to make
> sure that your NAT routers are forwarding port 500 for isakmpd traffic
> to the openbsd computers.

Thanks. I'm sure that my router forward all the traffic received on port
500 from internet to the OpenBSD because when I make a tcpdump listening
on my OBSD external interface (with -i ne3 udp port 500), I see there is
incoming traffic...

Do you really think that if I disable AH in sysctl.conf will be
enough?... :)

Cheers,
Helio.

Prev by Date: Re: [Re: FTPS recommendations?]
Next by Date: Re: authpf-like functionality via a web interface?
Previous by thread: Re: VPN behind a router
Next by thread: Votre message à la liste cps-users-fr est en attente d'approbation
Index(es):
- Date
- Thread

Visit your host, monkey.org