o;?Hi, I was using ipsec vpn between 2 OpenBSD Gateway. It worked very well.
Here : ---rl0---[fwA]---rl1--------(internet)---------sis1---[fwB with ftpd]---sis0--- Now we remove ftp services from fwB and put it on an other machine fwC with an internet connection (only one network card). is it possible to keep a vpn online from fwA and fwC, and so computersA can reach again ftp using vpn (provided by fwC). Perhaps i need to use vether on fwC so briged pf ? Here the old ipsec.conf from fwB: ike esp from 172.17.2.0/24 to 192.168.0.0/24 peer ip_fwA main auth hmac-sha1 enc aes-256 group modp1024 quick auth hmac-sha1 enc aes-256 group modp1024 psk "demopassword" My idea on fwC : add verther0 with : "inet 172.17.2.21 255.255.255.0" Need help ;-) Thank you very much. Wesley.
