> MJ> LAN1 (192.168.10.0/24) <--> OpenBSD .99 <--> .254 Router IPx <--> Internet <--> IPy IPSec_GW (Vendor) <--> LAN2 (192.168.20.0/24) > MJ> As you can see the OpenBSD 4.9 server sits on the LAN1 and has one physical interface. > MJ> When it wants to access to the internet, its address 192.168.10.99 is natted in IPx and that's how the IPSec_GW(Vendor) sees the source packets.
> I would recommend to get a computer with 2 network interfaces. Otherwise > it's going to be very complicated at best. /24 (on the left) is for sure > not going to work. Hello Boris, I just wanted to give you a feedback about this configuration. It works. I'm able to ping a machine on LAN2 from LAN1. The OpenBSD ipsec gateway has only one physical interface. I haven't done anything special to make it work except adding a specific route on my LAN1 computer to LAN2 with NH OpenBSD .99 and enable net.inet.ip.forwarding
