Re: Ipsec with NAT on phase 2

2020-01-16 Thread Philipp Buehler
Am 15.01.2020 18:50 schrieb Dante F. B. Colò: Hello everyone I maintain some ipsec gateway using isakmpd on OpenBSD no problem at all, but i need to setup a new one but now with NAT on phase 2 , is this possible with iked or isakmpd ? outgoing NAT is like this:

Ipsec with NAT on phase 2

2020-01-15 Thread Dante F . B . Colò
Hello everyone I maintain some ipsec gateway using isakmpd on OpenBSD no problem at all, but i need to setup a new one but now with NAT on phase 2 , is this possible with iked or isakmpd ? Best Regards Dante

OpenBSD ipsec and nat

2011-02-22 Thread R0me0 ***
Hello there, I have the follow configuration IPSEC site-to-site but I have the follow problem aaa.bbb.ccc.dda-aaa.bbb.ccc.ddbbbb.ccc.ddd.eeaIPSECbbb.ccc.ddd.eeb-ccc.ddd.eee.ffa |gw aaa.bbb.ccc.ddc When network ccc.ddd.eee.ffa tranverse ipsec tunnel, I

VPN using ipsec and NAT : NO_TRAFFIC: SINGLE

2009-09-21 Thread openbsd
tcp from any to any port 80 - $mailserver rdr on egress proto tcp from any to any port https - $mailserver block log all pass quick proto esp keep state pass quick proto udp to port { isakmp, ipsec-nat-t } keep state pass log on enc0 pass quick inet proto { tcp, udp } from $lan to any port domain

Re: IPSEC and NAT

2008-09-19 Thread Johan Borch
Johan Borch johan.borch at gmail.com writes: Hi all, I have a problem with nat on an ipsec-tunnel. My setup is a follows: obsd 4.3 which have two IPSEC tunnels, one of the tunnels have an gif-interface on top of it to simplify routing the other one don't. External: em0, addr

IPSEC and NAT

2008-09-16 Thread Johan Borch
Hi all, I have a problem with nat on an ipsec-tunnel. My setup is a follows: obsd 4.3 which have two IPSEC tunnels, one of the tunnels have an gif-interface on top of it to simplify routing the other one don't. External: em0, addr. 1.1.1.1 2.2.2.0/24 vlan106-\__fxp0-- internal 3.3.3.0/24

pf tag from ipsec in nat rules

2007-09-24 Thread Markus Wernig
Hi all Can tags from ipsec (defined in ipsec.conf) be referenced in pf nat rules (OBSD 4.1)? The idea is: ipsec.conf: ike esp from A to B tag mytag pf.conf: nat on $int_if tagged mytag - ($int_if:1) nat on $int_if from !($int_if) - ($int_if:0) If I use the tagged keyword, the second nat

Re: pf tag from ipsec in nat rules

2007-09-24 Thread Markus Friedl
yes, that should be possible. if it does not work, then it's a bug. On Mon, Sep 24, 2007 at 03:08:29PM +0200, Markus Wernig wrote: Hi all Can tags from ipsec (defined in ipsec.conf) be referenced in pf nat rules (OBSD 4.1)? The idea is: ipsec.conf: ike esp from A to B tag mytag

ipsec and nat

2005-07-23 Thread Juraj Bednar
Hello, I have a problem with IPSec+NAT. Basically, I have succesfully established a connection between two machines (192.168.1.4 and 192.168.1.1) in transport mode. That means, I can ping each other and using tcpdump I see, that they go encapsulated in ESP. Now, I have another interface and I