Hi all, im using FreeBSD 6.2-p9 on my server which acts as IPSec router using ipsec-tools. This works fine... But now i need to filter traffic which comes from the local private network to the vpn private network. I tried todo this with pf and using keep state. The return packets just get dropped. So I reread the gif manpage and read about the IPSEC_FILTERGIF option. I rebuilded the kernel with the option and tried it again. No luck!
So I suspect this option is only valid for ipfw and ipf ? Any idea how i can use pf + ipsec ( over gif interface ) to filter the needed stuff. This for example not work: LOCAL_NET = 10.0.0.0/24 VPN_REMOTE_NET = 192.168.10.0/28 pass proto tcp from $LOCAL_NET to $VPN_REMOTE_NET port 22 flags S/SA keep state This works: LOCAL_NET = 10.0.0.0/24 VPN_REMOTE_NET = 192.168.10.0/28 pass proto tcp from $LOCAL_NET to $VPN_REMOTE_NET port 22 pass proto tcp from $VPN_REMOTE_NET port 22 to $LOCAL_NET Thx for the help bye Norman _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"