To which I can only say that in IPv4 world and VPN, NAT is almost
mandatory. For me, using NAT allows me to set up VPN specific
routing for my special project within a corporate network without
bothering the network administrator with using FreeBSD instead of
their Cisco stuff for routing.
Hi!
I'm new to the list and before I post I want to know if there
are FAQ, if so, can someone send me the URL from where I can
download it...
Thank you very much and receive my best regards from Chile.
InterNet : [EMAIL PROTECTED]
I am tempted to "outsource" the IPsec functionality away from the
kernel using a demon on a divert socket, just like NATD. This would
be more modular and keeps the kernel from panicing because of bugs
in IPsec -- I did have embarrassing kernel crashes, just when I bragged
about FreeBSD running
the problem we have right now in FreeBSD is described below.
http://www.netbsd.org/Documentation/network/ipsec/#ipf-interaction
when IPsec tunnel packet comes in, normal ipfw/ipfilter/whatever looks
at it twice. once before the decapsuation, once after the