On Fri, 2002-01-18 at 14:04, Frederic Lemoine wrote:
> Hello,
>
> So finally I could have my traffic encrypted between my W2K workstation
> and my OpenBSD 3.0 (ISAKMP).
>
> The OpenBSD is my gateway/firewall to the internet. I do NAT in hide
> mode:
>
> w2k [172.16.1.166]-----[172.16.1.3] OpenBSD [193.121.122.1]---Internet
>
> The traffic between 172.16.1.166 and 172.16.1.3 is encrypted, but as
> soon as I go to the Internet from 172.16.1.166, it flows in clear text
> on the LAN.
>
> Is there a way to keep the traffic encrypted until the internal NIC of
> the firewall? Would static NAT change something to the problem?

Sure. For non-dynamic TCP sessions, use ssh port forwarding. It works great.
--
/Saad Kadhi -- [[EMAIL PROTECTED]]
[pgp keyid: 35592A6D http://pgp.mit.edu]
# buy a geek-in-a-can, point nozzle at technical problem and spray
# if desperate degauss your screen. it might solve your pb as well
